Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2020-6790
PUBLISHED
More InfoOfficial Page
Assigner-bosch
Assigner Org ID-c95f66b2-7e7c-41c5-8f09-6f86ec68659c
View Known Exploited Vulnerability (KEV) details
Published At-25 Mar, 2021 | 15:53
Updated At-17 Sep, 2024 | 04:25
Rejected At-
▼CVE Numbering Authority (CNA)
Uncontrolled Search Path Element in Bosch Video Streaming Gateway Installer

Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious exe in the same directory where the installer is started from.

Affected Products
Vendor
Robert Bosch GmbHBosch
Product
Video Streaming Gateway
Versions
Affected
  • From unspecified through 6.45.10 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-427CWE-427 Uncontrolled Search Path Element
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Dhiraj Mishra
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html
x_refsource_CONFIRM
x_transferred
Details not found