6.5
CVE-2023-32229
- EPSS 0.13%
- Veröffentlicht 15.06.2023 11:15:09
- Zuletzt bearbeitet 21.11.2024 08:02:56
- Quelle psirt@bosch.com
- CVE-Watchlists
- Unerledigt
LoginDue to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signing of the video stream) with option MD5, SHA-1 or SHA-256.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bosch ≫ Cpp13 Firmware Version < 8.48.0017
Bosch ≫ Autodome 7000i Version-
Bosch ≫ Autodome 7100 Ir Version-
Bosch ≫ Autodome Inteox 7000i Version-
Bosch ≫ Dinion Inteox 7100i Ir Version-
Bosch ≫ Flexidome Inteox 7100i Ir Version-
Bosch ≫ Mic Inteox 7100i Version-
Bosch ≫ Autodome 7100 Ir Version-
Bosch ≫ Autodome Inteox 7000i Version-
Bosch ≫ Dinion Inteox 7100i Ir Version-
Bosch ≫ Flexidome Inteox 7100i Ir Version-
Bosch ≫ Mic Inteox 7100i Version-
Bosch ≫ Cpp14 Firmware Version >= 8.50 < 8.80.0090
Bosch ≫ Dinion 7100i Ir Version-
Bosch ≫ Flexidome Indoor 5100i Version-
Bosch ≫ Flexidome Indoor 5100i Ir Version-
Bosch ≫ Flexidome Multi 7000i Version-
Bosch ≫ Flexidome Multi 7000i Ir Version-
Bosch ≫ Flexidome Outdoor 5100i Version-
Bosch ≫ Flexidome Outdoor 5100i Ir Version-
Bosch ≫ Flexidome Panoramic 5100i Version-
Bosch ≫ Flexidome Panoramic 5100i Ir Version-
Bosch ≫ Flexidome Indoor 5100i Version-
Bosch ≫ Flexidome Indoor 5100i Ir Version-
Bosch ≫ Flexidome Multi 7000i Version-
Bosch ≫ Flexidome Multi 7000i Ir Version-
Bosch ≫ Flexidome Outdoor 5100i Version-
Bosch ≫ Flexidome Outdoor 5100i Ir Version-
Bosch ≫ Flexidome Panoramic 5100i Version-
Bosch ≫ Flexidome Panoramic 5100i Ir Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.329 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| psirt@bosch.com | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
|
CWE-1246 Improper Write Handling in Limited-write Non-Volatile Memories
The product does not implement or incorrectly implements wear leveling operations in limited-write non-volatile memories.
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.