CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6770

Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000 and DIVAR IP 7000 if a vulnerable BVMS version is installed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.15

EPSS Ranking 94.1%

CVSS Severity

CVSS v3 Score 10.0

CVSS v2 Score 10.0

References

Products affected by CVE-2020-6770

Bosch » Bosch Video Management System Mobile Video Service » Version: 10.0.0.1225

cpe:2.3:a:bosch:bosch_video_management_system_mobile_video_service:10.0.0.1225
Bosch » Bosch Video Management System Mobile Video Service » Version: 7.5

cpe:2.3:a:bosch:bosch_video_management_system_mobile_video_service:7.5
Bosch » Bosch Video Management System Mobile Video Service » Version: 8.0.0.329

cpe:2.3:a:bosch:bosch_video_management_system_mobile_video_service:8.0.0.329
Bosch » Bosch Video Management System Mobile Video Service » Version: 9.0.0.827

cpe:2.3:a:bosch:bosch_video_management_system_mobile_video_service:9.0.0.827
Bosch » Divar Ip 3000 » Version: N/A

cpe:2.3:h:bosch:divar_ip_3000:-
Bosch » Divar Ip 7000 » Version: N/A

cpe:2.3:h:bosch:divar_ip_7000:-
Bosch » Divar Ip 3000 Firmware » Version: N/A

cpe:2.3:o:bosch:divar_ip_3000_firmware:-
Bosch » Divar Ip 7000 Firmware » Version: N/A

cpe:2.3:o:bosch:divar_ip_7000_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6770

Products

Pricing

Contact Us