2 matches found
CVE-2019-11896
CVE-2019-11896 affects the Bosch Smart Home Controller (SHC) via the 3rd-party pairing mechanism prior to version 9.8.907. The root issue is an incorrect privilege assignment that can allow a restricted app to acquire default app permissions after a successful app pairing, which requires user int...
CVE-2019-11896 Incorrect pviilege assignment in the 3rd party pairing mechanism of the Bosch Smart Home Controller (SHC)
A potential incorrect privilege assignment vulnerability exists in the 3rd party pairing mechanism of the Bosch Smart Home Controller SHC before 9.8.907 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have...