Vulnerability Details CVE-2020-6781
Improper certificate validation for certain connections in the Bosch Smart Home System App for iOS prior to version 9.17.1 potentially allows to intercept video contents by performing a man-in-the-middle attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.2%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 5.8
References
Products affected by CVE-2020-6781
-
cpe:2.3:a:bosch:smart_home:-
-
cpe:2.3:a:bosch:smart_home:9.0.1
-
cpe:2.3:a:bosch:smart_home:9.11.0
-
cpe:2.3:a:bosch:smart_home:9.11.1
-
cpe:2.3:a:bosch:smart_home:9.11.2
-
cpe:2.3:a:bosch:smart_home:9.11.3
-
cpe:2.3:a:bosch:smart_home:9.13.0
-
cpe:2.3:a:bosch:smart_home:9.13.1
-
cpe:2.3:a:bosch:smart_home:9.14.0
-
cpe:2.3:a:bosch:smart_home:9.14.1
-
cpe:2.3:a:bosch:smart_home:9.15.0
-
cpe:2.3:a:bosch:smart_home:9.16.0
-
cpe:2.3:a:bosch:smart_home:9.17.0
-
cpe:2.3:a:bosch:smart_home:9.2.0
-
cpe:2.3:a:bosch:smart_home:9.2.1
-
cpe:2.3:a:bosch:smart_home:9.2.2
-
cpe:2.3:a:bosch:smart_home:9.4.0
-
cpe:2.3:a:bosch:smart_home:9.5.0
-
cpe:2.3:a:bosch:smart_home:9.5.1
-
cpe:2.3:a:bosch:smart_home:9.5.2
-
cpe:2.3:a:bosch:smart_home:9.6.0
-
cpe:2.3:a:bosch:smart_home:9.7.0
-
cpe:2.3:a:bosch:smart_home:9.8.0
-
cpe:2.3:a:bosch:smart_home:9.8.1