Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000 and DIVAR IP 7000 if a vulnerable BVMS version is installed.
References
Link | Resource |
---|---|
https://psirt.bosch.com/security-advisories/BOSCH-SA-885551-BT.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: bosch
Published: 2020-01-29T00:00:00
Updated: 2020-02-07T20:08:31
Reserved: 2020-01-10T00:00:00
Link: CVE-2020-6770
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-07T21:15:10.760
Modified: 2020-02-12T18:31:32.167
Link: CVE-2020-6770
JSON object: View
Redhat Information
No data.
CWE