CVE-2022-41677
Last modified
CVE-2022-41677 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. An information disclosure vulnerability was discovered in Bosch IP camera devices allowing an unauthenticated attacker to retrieve information (like capabilities) about the device itself and network settings of the device, disclosing possibly internal network settings if the device is connected to the internet.. EPSS estimates a 0.50% chance of exploitation in the next 30 days.
Description
An information disclosure vulnerability was discovered in Bosch IP camera devices allowing an unauthenticated attacker to retrieve information (like capabilities) about the device itself and network settings of the device, disclosing possibly internal network settings if the device is connected to the internet.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Bosch | Cpp14 Firmware | <= 8.80 |
| Bosch | Cpp13 Firmware | <= 8.48 |
| Bosch | Cpp7.3 Firmware | <= 7.86 |
| Bosch | Cpp7 Firmware | <= 7.86 |
| Bosch | Cpp6 Firmware | <= 7.86 |
| Bosch | Cpp4 Firmware | <= 7.10 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-41677?
How severe is CVE-2022-41677?
How do I fix CVE-2022-41677?
Are you affected by CVE-2022-41677?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST