CVE-2022-41677
Severity Score
5.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
An information disclosure vulnerability was discovered in Bosch IP camera devices allowing an unauthenticated attacker to retrieve information (like capabilities) about the device itself and network settings of the device, disclosing possibly internal network settings if the device is connected to the internet.
Se descubrió una vulnerabilidad de divulgación de información en los dispositivos de cámara IP de Bosch que permite a un atacante no autenticado recuperar información (como capacidades) sobre el dispositivo en sí y la configuración de red del dispositivo, revelando posiblemente configuraciones de red internas si el dispositivo está conectado a Internet.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-09-28 CVE Reserved
- 2023-12-18 CVE Published
- 2024-11-27 CVE Updated
- 2025-05-08 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-284: Improper Access Control
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://psirt.bosch.com/security-advisories/bosch-sa-839739-BT.html | 2023-12-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Bosch Search vendor "Bosch" | Cpp14 Firmware Search vendor "Bosch" for product "Cpp14 Firmware" | <= 8.80 Search vendor "Bosch" for product "Cpp14 Firmware" and version " <= 8.80" | - |
Affected
| in | Bosch Search vendor "Bosch" | Cpp14 Search vendor "Bosch" for product "Cpp14" | - | - |
Safe
|
| Bosch Search vendor "Bosch" | Cpp13 Firmware Search vendor "Bosch" for product "Cpp13 Firmware" | <= 8.48 Search vendor "Bosch" for product "Cpp13 Firmware" and version " <= 8.48" | - |
Affected
| in | Bosch Search vendor "Bosch" | Cpp13 Search vendor "Bosch" for product "Cpp13" | - | - |
Safe
|
| Bosch Search vendor "Bosch" | Cpp7.3 Firmware Search vendor "Bosch" for product "Cpp7.3 Firmware" | <= 7.86 Search vendor "Bosch" for product "Cpp7.3 Firmware" and version " <= 7.86" | - |
Affected
| in | Bosch Search vendor "Bosch" | Cpp7.3 Search vendor "Bosch" for product "Cpp7.3" | - | - |
Safe
|
| Bosch Search vendor "Bosch" | Cpp7 Firmware Search vendor "Bosch" for product "Cpp7 Firmware" | <= 7.86 Search vendor "Bosch" for product "Cpp7 Firmware" and version " <= 7.86" | - |
Affected
| in | Bosch Search vendor "Bosch" | Cpp7 Search vendor "Bosch" for product "Cpp7" | - | - |
Safe
|
| Bosch Search vendor "Bosch" | Cpp6 Firmware Search vendor "Bosch" for product "Cpp6 Firmware" | <= 7.86 Search vendor "Bosch" for product "Cpp6 Firmware" and version " <= 7.86" | - |
Affected
| in | Bosch Search vendor "Bosch" | Cpp6 Search vendor "Bosch" for product "Cpp6" | - | - |
Safe
|
| Bosch Search vendor "Bosch" | Cpp4 Firmware Search vendor "Bosch" for product "Cpp4 Firmware" | <= 7.10 Search vendor "Bosch" for product "Cpp4 Firmware" and version " <= 7.10" | - |
Affected
| in | Bosch Search vendor "Bosch" | Cpp4 Search vendor "Bosch" for product "Cpp4" | - | - |
Safe
|