Vulnerabilites related to bosch - divar_ip_7000_r2
CVE-2020-6785 (GCVE-0-2020-6785)
Vulnerability from cvelistv5
Published
2021-03-25 15:49
Modified
2024-09-17 00:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-427 - Uncontrolled Search Path Element
Summary
Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Bosch | BVMS |
Version: unspecified < 9.0.0 Version: 10.0 < 10.0.2 Version: 10.1 < 10.1.1 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:05.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "BVMS Viewer",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim\u0027s system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T15:49:53",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
},
"title": "Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-03-24",
"ID": "CVE-2020-6785",
"STATE": "PUBLIC",
"TITLE": "Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "BVMS Viewer",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim\u0027s system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6785",
"datePublished": "2021-03-25T15:49:54.005154Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-17T00:35:36.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35867 (GCVE-0-2023-35867)
Vulnerability from cvelistv5
Published
2023-12-18 12:59
Modified
2024-08-02 16:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Summary
An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle attacks.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Bosch | BVMS |
Version: 0 < |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:45.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "BVMS Viewer",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Configuration Manager",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "7.62",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 7000 R3",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 4000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 6000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Project Assistant",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Video Security Client",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.3.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "BIS Video Engine",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "5.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Intelligent Insights",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "1.0.3.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "ONVIF Camera Event Driver Tool",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.0.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T12:59:48.604Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html",
"tags": [
"vendor-advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-35867",
"datePublished": "2023-12-18T12:59:48.604Z",
"dateReserved": "2023-06-19T09:15:32.387Z",
"dateUpdated": "2024-08-02T16:30:45.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28175 (GCVE-0-2023-28175)
Vulnerability from cvelistv5
Published
2023-06-15 10:14
Modified
2024-12-17 20:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Bosch | BVMS |
Version: 7.5 < |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:30:24.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-17T20:49:39.796592Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-17T20:51:14.639Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "BVMS Viewer",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP 3000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "8.0",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP 7000 R1",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "8.0",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP all-in-one 7000 R3",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "10.1.1",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "9.0",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "9.0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 4000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "11.1.1"
}
]
},
{
"product": "DIVAR IP all-in-one 6000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "11.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-15T10:14:34.076Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html",
"tags": [
"vendor-advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-28175",
"datePublished": "2023-06-15T10:14:34.076Z",
"dateReserved": "2023-03-13T15:46:37.814Z",
"dateUpdated": "2024-12-17T20:51:14.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-06-15 11:15
Modified
2024-11-21 07:54
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19576583-FEDD-4D73-AE62-863636F9CC3F",
"versionEndIncluding": "11.1.1",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE49F10A-B283-4A83-B2D4-FC2EF44C9CC7",
"versionEndIncluding": "11.1.1",
"versionStartIncluding": "7.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7AC49B-19B5-474A-B2AD-8801440663B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:bosch:divar_ip_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0DE1C9-D3C0-49BF-9FFD-B765F9AF6691",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:bosch:divar_ip_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "790EF36F-6C6B-477E-A2B8-369E6D113004",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:bosch:divar_ip_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D23E90-110B-4ADC-8417-CD0149D126D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:bosch:divar_ip_7000_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C27C0C9-7FC8-4B0C-BBF1-C7833CA9B2DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:bosch:divar_ip_7000_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C021F78B-FBA2-4C35-8B26-FF0E3D4B9907",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "167DFF9C-69C3-4C70-B8A7-992D8D2AAD95",
"versionEndIncluding": "8.0",
"versionStartIncluding": "7.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE760B-9B65-49A3-92E5-93880C58A628",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_6000_firmware:11.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D313D23C-C0A8-4F36-93F5-9CF39EF6463F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "790EF36F-6C6B-477E-A2B8-369E6D113004",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_4000_firmware:11.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92342086-0830-4ABE-A3CF-91255FB7D0B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7AC49B-19B5-474A-B2AD-8801440663B2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A981D11-E964-412C-A333-96BB930758CC",
"versionEndIncluding": "11.1.1",
"versionStartIncluding": "9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0DE1C9-D3C0-49BF-9FFD-B765F9AF6691",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_7000_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1622C8F-3DD5-4112-BE15-C8873EDFA67E",
"versionEndIncluding": "11.1.1",
"versionStartIncluding": "7.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_7000_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C27C0C9-7FC8-4B0C-BBF1-C7833CA9B2DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69B16286-EF3B-4A4A-AB48-4149CFE6C862",
"versionEndIncluding": "8.0",
"versionStartIncluding": "7.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D23E90-110B-4ADC-8417-CD0149D126D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_7000_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9BCD391-4552-4375-BCE7-0EF1BD81A03E",
"versionEndIncluding": "11.1.1",
"versionStartIncluding": "10.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_7000_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C021F78B-FBA2-4C35-8B26-FF0E3D4B9907",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request."
}
],
"id": "CVE-2023-28175",
"lastModified": "2024-11-21T07:54:32.270",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7,
"source": "psirt@bosch.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-15T11:15:09.227",
"references": [
{
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html"
}
],
"sourceIdentifier": "psirt@bosch.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "psirt@bosch.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-18 13:15
Modified
2024-11-21 08:08
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle attacks.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:building_integration_system_video_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F28540F2-5651-4443-8B98-F3880609FDF4",
"versionEndIncluding": "5.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E174ECD4-2F81-4F4D-81D5-2D6449E776C5",
"versionEndIncluding": "12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF983D4-76C3-4B0B-B5D4-38B382817827",
"versionEndIncluding": "12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:configuration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B63F7045-9EA4-4ACA-851C-DF1D6B444022",
"versionEndIncluding": "7.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_7000_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE6F03E-7671-45D3-9C9F-19112D8422D2",
"versionEndIncluding": "12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_7000_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C27C0C9-7FC8-4B0C-BBF1-C7833CA9B2DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_all-in-one_4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F28D9-444C-4FE8-8129-57A65397380D",
"versionEndIncluding": "12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_all-in-one_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "058E1EC6-5D7E-4AA4-AC6F-B235753AF06F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_all-in-one_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3475E4D-0F6A-4D7E-A667-F3B90F679535",
"versionEndIncluding": "12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_all-in-one_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7075A014-A297-4E41-81D8-2535BC2BD4E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_all-in-one_6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F70C23B-1262-458A-89DA-56C767D23E46",
"versionEndIncluding": "12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_all-in-one_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56136987-D034-4001-9D91-86205EA42C82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_all-in-one_7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40AE6FA0-24E1-4E16-BF04-FF267769C090",
"versionEndIncluding": "12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_all-in-one_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E531FC6E-B7AF-48DF-ACC2-91B5BD2B68DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bosch:divar_ip_all-in-one_7000_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F993333-427F-4EA8-B509-63324D40C272",
"versionEndIncluding": "12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_all-in-one_7000_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF06298-9397-4111-9660-637A7A4484FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:intelligent_insights:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6B338D-31A4-4192-936A-CD462112822F",
"versionEndIncluding": "1.0.3.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:_onvif_camera_event_driver_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8169AFEE-532B-4A40-B7E5-D1E8BDF29FF5",
"versionEndIncluding": "2.0.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:project_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39DB5F35-7309-4B50-817B-6DD03AC64A91",
"versionEndIncluding": "2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:video_security_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C32C11F-D04D-4CE1-A8A4-68D5DF11F041",
"versionEndIncluding": "3.3.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle attacks."
},
{
"lang": "es",
"value": "Un manejo inadecuado de paquetes de respuesta API con formato incorrecto para clientes API en productos de software Bosch BT puede permitir que un atacante no autenticado provoque una situaci\u00f3n de denegaci\u00f3n de servicio (DoS). Para aprovechar esta vulnerabilidad, un atacante debe reemplazar un servidor API existente, por ejemplo mediante ataques Man-in-the-Middle."
}
],
"id": "CVE-2023-35867",
"lastModified": "2024-11-21T08:08:51.793",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "psirt@bosch.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-18T13:15:07.010",
"references": [
{
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
}
],
"sourceIdentifier": "psirt@bosch.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-703"
}
],
"source": "psirt@bosch.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-25 16:15
Modified
2024-11-21 05:36
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7D73DA-EDCB-4F57-AAC9-965B63B9F3CF",
"versionEndExcluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6559B32-B0A4-47CC-8245-040E5E9B1C47",
"versionEndExcluding": "10.0.2",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "355E7A22-FDEE-4C68-9127-4924DB360D38",
"versionEndExcluding": "10.1.1",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_7000_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C27C0C9-7FC8-4B0C-BBF1-C7833CA9B2DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7D73DA-EDCB-4F57-AAC9-965B63B9F3CF",
"versionEndExcluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6559B32-B0A4-47CC-8245-040E5E9B1C47",
"versionEndExcluding": "10.0.2",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "355E7A22-FDEE-4C68-9127-4924DB360D38",
"versionEndExcluding": "10.1.1",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_all-in-one_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7075A014-A297-4E41-81D8-2535BC2BD4E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7D73DA-EDCB-4F57-AAC9-965B63B9F3CF",
"versionEndExcluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6559B32-B0A4-47CC-8245-040E5E9B1C47",
"versionEndExcluding": "10.0.2",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "355E7A22-FDEE-4C68-9127-4924DB360D38",
"versionEndExcluding": "10.1.1",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:bosch:divar_ip_all-in-one_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E531FC6E-B7AF-48DF-ACC2-91B5BD2B68DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "336DCAFC-E774-457C-82FD-5FD51E385872",
"versionEndExcluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02F69D10-E545-472A-83C7-F988EA357CBC",
"versionEndExcluding": "10.0.2",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24D063D2-7423-4A15-93F9-976597F7742D",
"versionEndExcluding": "10.1.1",
"versionStartIncluding": "10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim\u0027s system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1."
},
{
"lang": "es",
"value": "Cargar una DLL mediante un Elemento de Ruta de B\u00fasqueda no Controlada en Bosch BVMS y BVMS Viewer en las versiones 10.1.0, 10.0.1, 10.0.0 y 9.0.0 y anteriores, permite a un atacante ejecutar c\u00f3digo arbitrario en el sistema de una v\u00edctima.\u0026#xa0;Esto afecta tanto al instalador como a la aplicaci\u00f3n instalada.\u0026#xa0;Esto tambi\u00e9n afecta a Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 y Bosch DIVAR IP all-in-one 7000 con instaladores y versiones instaladas de BVMS anteriores a BVMS 10.1.1"
}
],
"id": "CVE-2020-6785",
"lastModified": "2024-11-21T05:36:10.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@bosch.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-25T16:15:13.523",
"references": [
{
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"sourceIdentifier": "psirt@bosch.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "psirt@bosch.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}