GSD-2020-6770
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000 and DIVAR IP 7000 if a vulnerable BVMS version is installed.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-6770",
"description": "Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 \u003c= 10.0.0.1225, 9.0 \u003c= 9.0.0.827, 8.0 \u003c= 8.0.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000 and DIVAR IP 7000 if a vulnerable BVMS version is installed.",
"id": "GSD-2020-6770"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-6770"
],
"details": "Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 \u003c= 10.0.0.1225, 9.0 \u003c= 9.0.0.827, 8.0 \u003c= 8.0.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000 and DIVAR IP 7000 if a vulnerable BVMS version is installed.",
"id": "GSD-2020-6770",
"modified": "2023-12-13T01:21:55.032050Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2020-01-29T13:00:00.000Z",
"ID": "CVE-2020-6770",
"STATE": "PUBLIC",
"TITLE": "Deserialization of Untrusted Data in Bosch BVMS Mobile Video Service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DIVAR IP 3000",
"version": {
"version_data": [
{
"configuration": "vulnerable BVMS MVS version installed",
"version_affected": "=",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Bosch"
},
{
"product": {
"product_data": [
{
"product_name": "DIVAR IP 7000",
"version": {
"version_data": [
{
"configuration": "vulnerable BVMS MVS version installed",
"version_affected": "=",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Bosch"
},
{
"product": {
"product_data": [
{
"product_name": "BVMS Mobile Video Service",
"version": {
"version_data": [
{
"configuration": "patch for security issue 243748 not installed",
"version_affected": "\u003c=",
"version_value": "8.0.0.329"
},
{
"configuration": "patch for security issue 243748 not installed",
"version_affected": "\u003c=",
"version_value": "9.0.0.827"
},
{
"configuration": "patch for security issue 243748 not installed",
"version_affected": "\u003c=",
"version_value": "10.0.0.1225"
},
{
"version_affected": "\u003c=",
"version_value": "7.5"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 \u003c= 10.0.0.1225, 9.0 \u003c= 9.0.0.827, 8.0 \u003c= 8.0.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000 and DIVAR IP 7000 if a vulnerable BVMS version is installed."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-885551-BT.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-885551-BT.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-885551-BT",
"discovery": "INTERNAL"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bosch:bosch_video_management_system_mobile_video_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:bosch_video_management_system_mobile_video_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.0.329",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:bosch_video_management_system_mobile_video_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.0.0.827",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:bosch_video_management_system_mobile_video_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.0.1225",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:bosch:divar_ip_3000_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bosch:divar_ip_3000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:bosch:divar_ip_7000_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bosch:divar_ip_7000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"ID": "CVE-2020-6770"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 \u003c= 10.0.0.1225, 9.0 \u003c= 9.0.0.827, 8.0 \u003c= 8.0.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000 and DIVAR IP 7000 if a vulnerable BVMS version is installed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-885551-BT.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-885551-BT.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2020-02-12T18:31Z",
"publishedDate": "2020-02-07T21:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…