32 matches found
EUVD-2019-3550
Malware in sbrugna...
EUVD-2019-3551
Malware in sbrugna...
EUVD-2019-3554
Malware in sbrugna...
EUVD-2019-3549
Malware in sbrugna...
EUVD-2019-3553
Malware in sbrugna...
CVE-2019-11895
A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller SHC before 9.8.905 that may result in a successful denial of service of the SHC and connected sensors and actuators. In order to exploit the vulnerability, the adversary needs to...
CVE-2019-11896
A potential incorrect privilege assignment vulnerability exists in the 3rd party pairing mechanism of the Bosch Smart Home Controller SHC before 9.8.907 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have...
Improper access control
A potential improper access control vulnerability exists in the backup mechanism of the Bosch Smart Home Controller SHC before 9.8.905 that may result in unauthorized download of a backup. In order to exploit the vulnerability, the adversary needs to download the backup directly after a backup...
Privilege escalation
A potential incorrect privilege assignment vulnerability exists in the 3rd party pairing mechanism of the Bosch Smart Home Controller SHC before 9.8.907 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have...
Improper access control
A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller SHC before 9.8.905 that may result in reading or modification of the SHC's configuration or triggering and restoring backups. In order to exploit the vulnerability, the adversary...
CVE-2019-11892
A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller SHC before 9.8.905 that may result in reading or modification of the SHC's configuration or triggering and restoring backups. In order to exploit the vulnerability, the adversary...
CVE-2019-11893
A potential incorrect privilege assignment vulnerability exists in the app permission update API of the Bosch Smart Home Controller SHC before 9.8.905 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have...
Privilege escalation
A potential incorrect privilege assignment vulnerability exists in the app permission update API of the Bosch Smart Home Controller SHC before 9.8.905 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have...
Privilege escalation
A potential incorrect privilege assignment vulnerability exists in the app pairing mechanism of the Bosch Smart Home Controller SHC before 9.8.905 that may result in elevated privileges of the adversary's choosing. In order to exploit the vulnerability, the adversary needs physical access to the...
CVE-2019-11892
A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller SHC before 9.8.905 that may result in reading or modification of the SHC's configuration or triggering and restoring backups. In order to exploit the vulnerability, the adversary...
CVE-2019-11896
CVE-2019-11896 affects the Bosch Smart Home Controller (SHC) via the 3rd-party pairing mechanism prior to version 9.8.907. The root issue is an incorrect privilege assignment that can allow a restricted app to acquire default app permissions after a successful app pairing, which requires user int...
CVE-2019-11896 Incorrect pviilege assignment in the 3rd party pairing mechanism of the Bosch Smart Home Controller (SHC)
A potential incorrect privilege assignment vulnerability exists in the 3rd party pairing mechanism of the Bosch Smart Home Controller SHC before 9.8.907 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have...
CVE-2019-11895 Improper access control in the JSON-RPC interface of the Bosch Smart Home Controller (SHC)
A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller SHC before 9.8.905 that may result in a successful denial of service of the SHC and connected sensors and actuators. In order to exploit the vulnerability, the adversary needs to...
CVE-2019-11895
The CVE-2019-11895 entry concerns an improper access control vulnerability in the JSON-RPC interface of the Bosch Smart Home Controller (SHC) prior to 9.8.905, which can lead to denial of service affecting the SHC and connected sensors/actuators. Exposure requires the attacker to have already pai...
CVE-2019-11894 Improper access control in the backup mechanism of the Bosch Smart Home Controller (SHC)
A potential improper access control vulnerability exists in the backup mechanism of the Bosch Smart Home Controller SHC before 9.8.905 that may result in unauthorized download of a backup. In order to exploit the vulnerability, the adversary needs to download the backup directly after a backup...