CVE-2022-32540
Severity Score
5.9
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.
Una divulgación de información en la aplicación Operator Client en BVMS versiones 10.1.1, 11.0 y 11.1.0 y VIDEOJET Decoder VJD-7513 versiones 10.23 y 10.30, permite a un atacante de tipo man-in-the-middle comprometer el flujo de vídeo confidencial. Esto sólo es aplicable para la codificación UDP cuando el sistema de destino contiene cámaras con plataforma CPP13 o CPP14 y versión de firmware 8.x
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-06-07 CVE Reserved
- 2022-09-30 CVE Published
- 2024-04-22 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://psirt.bosch.com/security-advisories/bosch-sa-464066.html | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Bosch Search vendor "Bosch" | Videojet Decoder 7513 Firmware Search vendor "Bosch" for product "Videojet Decoder 7513 Firmware" | 10.23.0002 Search vendor "Bosch" for product "Videojet Decoder 7513 Firmware" and version "10.23.0002" | - |
Affected
| in | Bosch Search vendor "Bosch" | Videojet Decoder 7513 Search vendor "Bosch" for product "Videojet Decoder 7513" | - | - |
Safe
|
| Bosch Search vendor "Bosch" | Videojet Decoder 7513 Firmware Search vendor "Bosch" for product "Videojet Decoder 7513 Firmware" | 10.30.0005 Search vendor "Bosch" for product "Videojet Decoder 7513 Firmware" and version "10.30.0005" | - |
Affected
| in | Bosch Search vendor "Bosch" | Videojet Decoder 7513 Search vendor "Bosch" for product "Videojet Decoder 7513" | - | - |
Safe
|
| Bosch Search vendor "Bosch" | Bosch Video Management System Search vendor "Bosch" for product "Bosch Video Management System" | >= 10.1 <= 10.1.1 Search vendor "Bosch" for product "Bosch Video Management System" and version " >= 10.1 <= 10.1.1" | - |
Affected
| ||||||
| Bosch Search vendor "Bosch" | Bosch Video Management System Search vendor "Bosch" for product "Bosch Video Management System" | >= 11.1 <= 11.1.0 Search vendor "Bosch" for product "Bosch Video Management System" and version " >= 11.1 <= 11.1.0" | - |
Affected
| ||||||
| Bosch Search vendor "Bosch" | Bosch Video Management System Search vendor "Bosch" for product "Bosch Video Management System" | 11.0 Search vendor "Bosch" for product "Bosch Video Management System" and version "11.0" | - |
Affected
| ||||||