CVE-2020-27285
Description
Crimson 3.1 default configuration allows unauthenticated read and modify of the database, enabling data theft and tampering.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The default configuration of Red Lion Crimson 3.1 (Build versions prior to 3119.001) allows any user to read and modify the database without authentication. This is a Missing Authentication for Critical Function vulnerability (CWE-306) affecting the DA10D Protocol Converter. No special conditions or configurations are required to reach the vulnerable code path; the default settings expose the database to unauthenticated access [1].
Exploitation
An attacker with network access to the affected device can exploit this vulnerability without any authentication, user interaction, or elevated privileges. The vulnerability is remotely exploitable and requires a low skill level. The attacker simply connects to the device's database interface and performs read or write operations on the database, as no authentication checks are enforced [1].
Impact
Successful exploitation allows an attacker to read sensitive data from the database (confidentiality impact) and modify database contents (integrity impact). There is no impact on availability from this specific vulnerability. The attacker gains full access to the database without any privilege escalation, potentially leading to data theft, manipulation of device configuration, or disruption of operations [1].
Mitigation
Red Lion has released Crimson 3.1 Build 3119.001 to address this vulnerability. Users should upgrade to this version or later. No workarounds are documented in the advisory. The product is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
Vulnerability mechanics
No source-code context is available for this CVE. Mechanics are only generated when we can read the actual fix diff; without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References: 1
- us-cert.cisa.gov/ics/advisories/icsa-21-005-04 (NVD: Third Party Advisory, US Government Resource)
News mentions: 0
No linked articles in our index yet.