CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-6790

HIGH
7.8
CVSS Severity Score
EPSS Score0.0570%
EPSS Percentile8.69th
Published2021年3月25日
Last Modified2024年11月21日

Vulnerability Description

Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious exe in the same directory where the installer is started from.

Affected Platforms (CPE)

📦
Bosch

Video Streaming Gateway

<= 6.45.10

References & Advisories

🔗 https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html
🔗 https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html

関連する脆弱性情報

CVE-2020-676910.0

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker ...

CVE-2019-69579.8

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 200...

CVE-2017-123187.5

A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent ...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...