CVE-2022-41677 MEDIUM

CVE-2022-41677

Vendor Bosch
Product Camera Firmware
Weakness CWE-284
Published December 18, 2023
Last update November 27, 2024

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

An information disclosure vulnerability was discovered in Bosch IP camera devices allowing an unauthenticated attacker to retrieve information (like capabilities) about the device itself and network settings of the device, disclosing possibly internal network settings if the device is connected to the internet.

Key dates

02Disclosure timeline

December 18, 2023 CVE published
November 27, 2024 Record updated