TFTP is a simple protocol for transferring files, implemented on top of the UDP/IP protocols using well-known port number 69. TFTP was designed to be small and easy to implement, and therefore it lacks most of the advanced features offered by more robust file transfer protocols.
An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version.
Recommended Actions
An open TFTP vulnerability of this kind can be mitigated by configuring your firewall to block UDP port 69.
Note that blocking this port at the firewall only stops traffic on UDP port 69 entering or leaving your network; services on your LAN that use this port should continue to work as normal.
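The server-side check that the vulnerable service evidently lacks, shown as an added example (not code from QSC or from this advisory): parse a TFTP read request (opcode 1, filename, NUL, mode, NUL), root the requested name under the server's directory and reject any request whose normalised path leaves that directory. The root path /srv/tftp and the sample datagrams are constructed for illustration.

```python
import posixpath
import struct

TFTP_RRQ = 1  # opcode 1 = read request, i.e. a TFTP GET

def parse_rrq(packet: bytes):
    """Parse an RRQ datagram: opcode(2 bytes) | filename | NUL | mode | NUL.
    Returns (filename, mode) or None when the datagram is not a well-formed RRQ."""
    if len(packet) < 4:
        return None
    (opcode,) = struct.unpack("!H", packet[:2])
    if opcode != TFTP_RRQ:
        return None
    fields = packet[2:].split(b"\x00")
    if len(fields) < 3 or not fields[0] or not fields[1]:
        return None
    filename = fields[0].decode("ascii", "replace")
    mode = fields[1].decode("ascii", "replace").lower()
    return filename, mode

def resolve_within_root(root: str, requested: str):
    """Map a requested filename onto a path under root and return it, or None
    when the normalised path would leave root (directory traversal).
    Normalisation here is lexical; a real server should also resolve symlinks."""
    root = posixpath.normpath(root)
    # Treat the name as relative to root; backslashes are folded to slashes so
    # Windows-style separators cannot hide a '..' component.
    relative = requested.replace("\\", "/").lstrip("/")
    candidate = posixpath.normpath(posixpath.join(root, relative))
    if not candidate.startswith(root + "/"):
        return None  # escaped root, or resolved to the root directory itself
    return candidate

def classify_rrq(packet: bytes, root: str = "/srv/tftp") -> str:
    """Classify one datagram as 'allow', 'traversal' or 'malformed'."""
    parsed = parse_rrq(packet)
    if parsed is None:
        return "malformed"
    filename, _mode = parsed
    return "allow" if resolve_within_root(root, filename) is not None else "traversal"

def build_rrq(filename: str, mode: str = "octet") -> bytes:
    """Encode an RRQ; used here only to construct the sample datagrams below."""
    return struct.pack("!H", TFTP_RRQ) + filename.encode() + b"\x00" + mode.encode() + b"\x00"

if __name__ == "__main__":
    # Constructed samples: one legitimate request, two traversal attempts, one malformed datagram.
    for pkt in (build_rrq("firmware/core.bin"), build_rrq("../../etc/passwd"),
                build_rrq("..\\..\\proc\\version"), b"\x00\x01"):
        print(classify_rrq(pkt), pkt[:24])
```

The same classifier can be run over captured UDP/69 payloads to flag traversal attempts against a device that cannot yet be patched or firewalled.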
Reference Material
CVE.mitre.org is another useful site: searching its “CVE list” for the vulnerability name can help identify and mitigate the issue:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24990