Severity

High

Analysis Summary

CVE-2019-20045

Specially crafted malicious packets could cause disconnection of active authentic connections or reboot of device.

CVE-2019-20046 

The affected product does not require adequate authentication, which may allow an attacker to read sensitive information or execute arbitrary code.

Impact

• Read sensitive information
• Execute arbitrary code
• Denial-of-service

Affected Vendors

Synergy Systems & Solutions (SSS)

Affected Products

HUSKY RTU 6049-E70
with firmware Versions 5.0 and prior

Remediation

Upgrade to firmware Version 5.1.2 or higher.