CVE-2020-6785

🗓️ 25 Mar 2021 15:49:54Reported by boschType

CVE-2020-6785: Uncontrolled DLL Loading in Bosch BVM

Reporter	Title	Published	Views	Family All 7
CNNVD	Bosch BVMS 代码问题漏洞	25 Mar 202100:00	–	cnnvd
CNVD	Bosch BVMS and BVMS Viewer Code Issue Vulnerability	2 Apr 202100:00	–	cnvd
Cvelist	CVE-2020-6785 Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer	25 Mar 202115:49	–	cvelist
EUVD	EUVD-2020-27932	7 Oct 202500:30	–	euvd
NVD	CVE-2020-6785	25 Mar 202116:15	–	nvd
OSV	CVE-2020-6785	25 Mar 202116:15	–	osv
Prion	Code injection	25 Mar 202116:15	–	prion

NVD

Node

bosch video_management_systemRange<9.0

bosch video_management_systemRange10.0–10.0.2

bosch video_management_systemRange10.1–10.1.1

AND

bosch divar_ip_7000_r2Match-

Node

bosch video_management_systemRange<9.0

bosch video_management_systemRange10.0–10.0.2

bosch video_management_systemRange10.1–10.1.1

AND

bosch divar_ip_all-in-one_5000Match-

Node

bosch video_management_systemRange<9.0

bosch video_management_systemRange10.0–10.0.2

bosch video_management_systemRange10.1–10.1.1

AND

bosch divar_ip_all-in-one_7000Match-

Node

bosch video_management_system_viewerRange<9.0

bosch video_management_system_viewerRange10.0–10.0.2

bosch video_management_system_viewerRange10.1.0–10.1.1

[
  {
    "product": "BVMS",
    "vendor": "Bosch",
    "versions": [
      {
        "lessThan": "9.0.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "10.0.2",
        "status": "affected",
        "version": "10.0",
        "versionType": "custom"
      },
      {
        "lessThan": "10.1.1",
        "status": "affected",
        "version": "10.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "BVMS Viewer",
    "vendor": "Bosch",
    "versions": [
      {
        "lessThan": "9.0.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "10.0.2",
        "status": "affected",
        "version": "10.0",
        "versionType": "custom"
      },
      {
        "lessThan": "10.1.1",
        "status": "affected",
        "version": "10.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "DIVAR IP 7000 R2",
    "vendor": "Bosch",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "product": "DIVAR IP all-in-one 5000",
    "vendor": "Bosch",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "product": "DIVAR IP all-in-one 7000",
    "vendor": "Bosch",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  }
]

Source	Link
psirt	www.psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html

21 Nov 2024 05:36Current

7.9High risk

Vulners AI Score7.9

CVSS 26.9

CVSS 3.17.8

EPSS0.00061

CWE-427