CVE-2022-32540 (GCVE-0-2022-32540)
Vulnerability from cvelistv5 – Published: 2022-09-30 16:38 – Updated: 2025-05-20 16:15
VLAI
Summary
Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.
Severity
7.4 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://psirt.bosch.com/security-advisories/bosch… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:43.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-32540",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:15:26.762937Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:15:31.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.0",
"status": "affected",
"version": "11.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "VJD-7513",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "10.23.0002"
},
{
"status": "affected",
"version": "10.30.0005"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-30T16:38:54.000Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"ID": "CVE-2022-32540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "11.1",
"version_value": "11.1.0"
},
{
"version_affected": "\u003c=",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c=",
"version_name": "10.1",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "VJD-7513",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.23.0002"
},
{
"version_affected": "=",
"version_value": "10.30.0005"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2022-32540",
"datePublished": "2022-09-30T16:38:54.000Z",
"dateReserved": "2022-06-07T00:00:00.000Z",
"dateUpdated": "2025-05-20T16:15:31.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-32540",
"date": "2026-05-29",
"epss": "0.00144",
"percentile": "0.34478"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.1\", \"versionEndIncluding\": \"10.1.1\", \"matchCriteriaId\": \"CD731DAC-BFBB-4A0B-80D2-7B96AD570739\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1\", \"versionEndIncluding\": \"11.1.0\", \"matchCriteriaId\": \"74B38180-71C8-4C4E-8079-AD66AA9822BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bosch:bosch_video_management_system:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FF22168-E2A2-47B8-B9BC-104FF1CFDF30\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:bosch:videojet_decoder_7513_firmware:10.23.0002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C486DC73-F6C1-4A4A-896B-E613B2DBEF55\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:bosch:videojet_decoder_7513_firmware:10.30.0005:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF3AFA6F-2DAB-4D5D-8AE3-1948563548E7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:bosch:videojet_decoder_7513:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A96A7B0B-4C65-412E-8AB0-BD6098548598\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.\"}, {\"lang\": \"es\", \"value\": \"Una divulgaci\\u00f3n de informaci\\u00f3n en la aplicaci\\u00f3n Operator Client en BVMS versiones 10.1.1, 11.0 y 11.1.0 y VIDEOJET Decoder VJD-7513 versiones 10.23 y 10.30, permite a un atacante de tipo man-in-the-middle comprometer el flujo de v\\u00eddeo confidencial. Esto s\\u00f3lo es aplicable para la codificaci\\u00f3n UDP cuando el sistema de destino contiene c\\u00e1maras con plataforma CPP13 o CPP14 y versi\\u00f3n de firmware 8.x\"}]",
"id": "CVE-2022-32540",
"lastModified": "2024-11-21T07:06:35.510",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.6}], \"cvssMetricV30\": [{\"source\": \"psirt@bosch.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"baseScore\": 7.4, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.2}]}",
"published": "2022-09-30T17:15:12.890",
"references": "[{\"url\": \"https://psirt.bosch.com/security-advisories/bosch-sa-464066.html\", \"source\": \"psirt@bosch.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://psirt.bosch.com/security-advisories/bosch-sa-464066.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}]",
"sourceIdentifier": "psirt@bosch.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"psirt@bosch.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-32540\",\"sourceIdentifier\":\"psirt@bosch.com\",\"published\":\"2022-09-30T17:15:12.890\",\"lastModified\":\"2024-11-21T07:06:35.510\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.\"},{\"lang\":\"es\",\"value\":\"Una divulgaci\u00f3n de informaci\u00f3n en la aplicaci\u00f3n Operator Client en BVMS versiones 10.1.1, 11.0 y 11.1.0 y VIDEOJET Decoder VJD-7513 versiones 10.23 y 10.30, permite a un atacante de tipo man-in-the-middle comprometer el flujo de v\u00eddeo confidencial. Esto s\u00f3lo es aplicable para la codificaci\u00f3n UDP cuando el sistema de destino contiene c\u00e1maras con plataforma CPP13 o CPP14 y versi\u00f3n de firmware 8.x\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"psirt@bosch.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"psirt@bosch.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1\",\"versionEndIncluding\":\"10.1.1\",\"matchCriteriaId\":\"CD731DAC-BFBB-4A0B-80D2-7B96AD570739\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1\",\"versionEndIncluding\":\"11.1.0\",\"matchCriteriaId\":\"74B38180-71C8-4C4E-8079-AD66AA9822BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bosch:bosch_video_management_system:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FF22168-E2A2-47B8-B9BC-104FF1CFDF30\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:bosch:videojet_decoder_7513_firmware:10.23.0002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C486DC73-F6C1-4A4A-896B-E613B2DBEF55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:bosch:videojet_decoder_7513_firmware:10.30.0005:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF3AFA6F-2DAB-4D5D-8AE3-1948563548E7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:bosch:videojet_decoder_7513:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A96A7B0B-4C65-412E-8AB0-BD6098548598\"}]}]}],\"references\":[{\"url\":\"https://psirt.bosch.com/security-advisories/bosch-sa-464066.html\",\"source\":\"psirt@bosch.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://psirt.bosch.com/security-advisories/bosch-sa-464066.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://psirt.bosch.com/security-advisories/bosch-sa-464066.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T07:46:43.635Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-32540\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-20T16:15:26.762937Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-20T16:15:14.117Z\"}}], \"cna\": {\"source\": {\"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 7.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Bosch\", \"product\": \"BVMS\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"11.1.0\"}, {\"status\": \"affected\", \"version\": \"11.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"11.0.0\"}, {\"status\": \"affected\", \"version\": \"10.1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"10.1.1\"}]}, {\"vendor\": \"Bosch\", \"product\": \"VJD-7513\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.23.0002\"}, {\"status\": \"affected\", \"version\": \"10.30.0005\"}]}], \"references\": [{\"url\": \"https://psirt.bosch.com/security-advisories/bosch-sa-464066.html\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"c95f66b2-7e7c-41c5-8f09-6f86ec68659c\", \"shortName\": \"bosch\", \"dateUpdated\": \"2022-09-30T16:38:54.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 7.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, \"source\": {\"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_name\": \"11.1\", \"version_value\": \"11.1.0\", \"version_affected\": \"\u003c=\"}, {\"version_name\": \"11.0\", \"version_value\": \"11.0.0\", \"version_affected\": \"\u003c=\"}, {\"version_name\": \"10.1\", \"version_value\": \"10.1.1\", \"version_affected\": \"\u003c=\"}]}, \"product_name\": \"BVMS\"}, {\"version\": {\"version_data\": [{\"version_value\": \"10.23.0002\", \"version_affected\": \"=\"}, {\"version_value\": \"10.30.0005\", \"version_affected\": \"=\"}]}, \"product_name\": \"VJD-7513\"}]}, \"vendor_name\": \"Bosch\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://psirt.bosch.com/security-advisories/bosch-sa-464066.html\", \"name\": \"https://psirt.bosch.com/security-advisories/bosch-sa-464066.html\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-32540\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"psirt@bosch.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-32540\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-20T16:15:31.413Z\", \"dateReserved\": \"2022-06-07T00:00:00.000Z\", \"assignerOrgId\": \"c95f66b2-7e7c-41c5-8f09-6f86ec68659c\", \"datePublished\": \"2022-09-30T16:38:54.000Z\", \"assignerShortName\": \"bosch\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…