CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6788

Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.6%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.9

References

Products affected by CVE-2020-6788

Bosch » Configuration Manager » Version: 5.50.0226

cpe:2.3:a:bosch:configuration_manager:5.50.0226
Bosch » Configuration Manager » Version: 5.51.0051

cpe:2.3:a:bosch:configuration_manager:5.51.0051
Bosch » Configuration Manager » Version: 5.52.0118

cpe:2.3:a:bosch:configuration_manager:5.52.0118
Bosch » Configuration Manager » Version: 5.53.0127

cpe:2.3:a:bosch:configuration_manager:5.53.0127
Bosch » Configuration Manager » Version: 5.54.0133

cpe:2.3:a:bosch:configuration_manager:5.54.0133
Bosch » Configuration Manager » Version: 6.10

cpe:2.3:a:bosch:configuration_manager:6.10
Bosch » Configuration Manager » Version: 7.21.0078

cpe:2.3:a:bosch:configuration_manager:7.21.0078

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6788

Products

Pricing

Contact Us