What is CVE-2020-6769?

CVE-2020-6769 is a critical-severity vulnerability in Bosch Divar Ip 2000, classified under Missing Authentication for Critical Function. CVSS score: 10.0/10. Published 2020-02-07.

How severe is CVE-2020-6769?

Critical severity. CVSS v3 base score is 10.0 out of 10.

Auth bypass in Bosch Divar Ip 2000

CVE-2020-6769

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impa…

Vulnerability class: Broken Authentication

EPSS: 0.011 (78.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.

Affected products

Bosch Divar Ip 2000 — versions unspecified
Bosch Divar Ip 3000 — versions All
Bosch Divar Ip 5000 — versions unspecified
Bosch Divar Ip 7000 — versions All
Bosch Divar Ip All-in-one 5000 — versions All
Bosch Video Streaming Gateway — versions 6.45, 6.44, 6.43

Weakness classification (CWE)

CWE-306 — Missing Authentication for Critical Function

References

psirt.bosch.com/security-advisories/BOSCH-SA-260625-BT.html (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2020-6769?: CVE-2020-6769 is a critical-severity vulnerability in Bosch Divar Ip 2000, classified under Missing Authentication for Critical Function. CVSS score: 10.0/10. Published 2020-02-07.
How severe is CVE-2020-6769?: Critical severity. CVSS v3 base score is 10.0 out of 10.