2 matches found
CVE-2019-11893
A potential incorrect privilege assignment vulnerability exists in the app permission update API of the Bosch Smart Home Controller SHC before 9.8.905 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have...
CVE-2019-11895 Improper access control in the JSON-RPC interface of the Bosch Smart Home Controller (SHC)
A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller SHC before 9.8.905 that may result in a successful denial of service of the SHC and connected sensors and actuators. In order to exploit the vulnerability, the adversary needs to...