CVE-2022-47648

An Improper Access Control vulnerability allows an attacker to access the control panel of the B420 without requiring any sort of authorization or authentication due to the IP based authorization. If an authorized user has accessed a publicly available B420 product using valid credentials, an insider attacker can gain access to the same panel without requiring any sort of authorization. The B420 module was already obsolete at the time this vulnerability was found (The End of Life announcement was made in 2013).

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://drive.google.com/drive/folders/16jvVFyp9RlHvXvq7qbOCjCs1jiAPT3i_?usp=sharing
https://pastebin.com/raw/0CGTpiEn
https://psirt.bosch.com/security-advisories/BOSCH-SA-341298-BT.html

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:bosch:b420_firmware:02.02.0001:*:*:*:*:*:*:*

cpe:2.3:h:bosch:b420:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:56

Type	Values Removed	Values Added
References	~~(MISC) https://drive.google.com/drive/folders/16jvVFyp9RlHvXvq7qbOCjCs1jiAPT3i_?usp=sharing - Third Party Advisory~~	() https://drive.google.com/drive/folders/16jvVFyp9RlHvXvq7qbOCjCs1jiAPT3i_?usp=sharing -
References	~~(MISC) https://pastebin.com/raw/0CGTpiEn - Third Party Advisory~~	() https://pastebin.com/raw/0CGTpiEn -
References	~~(MISC) https://psirt.bosch.com/security-advisories/BOSCH-SA-341298-BT.html -~~	() https://psirt.bosch.com/security-advisories/BOSCH-SA-341298-BT.html -

08 Aug 2023, 14:22

Type	Values Removed	Values Added
CWE	~~CWE-863~~	CWE-290

Information

Published : 2023-02-08 21:15

Updated : 2024-02-28 19:51

NVD link : CVE-2022-47648

Mitre link : CVE-2022-47648

CVE.ORG link : CVE-2022-47648

JSON object : View

Products Affected

bosch

b420_firmware
b420

CWE

CWE-290

Authentication Bypass by Spoofing

CWE-284

Improper Access Control

{"id": "CVE-2022-47648", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "psirt@bosch.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.7, "exploitabilityScore": 2.8}]}, "published": "2023-02-08T21:15:10.707", "references": [{"url": "https://drive.google.com/drive/folders/16jvVFyp9RlHvXvq7qbOCjCs1jiAPT3i_?usp=sharing", "source": "psirt@bosch.com"}, {"url": "https://pastebin.com/raw/0CGTpiEn", "source": "psirt@bosch.com"}, {"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-341298-BT.html", "source": "psirt@bosch.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-290"}]}, {"type": "Secondary", "source": "psirt@bosch.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "An Improper Access Control vulnerability allows an attacker to access the control panel of the B420 without requiring any sort of authorization or authentication due to the IP based authorization. If an authorized user has accessed a publicly available B420 product using valid credentials, an insider attacker can gain access to the same panel without requiring any sort of authorization. The B420 module was already obsolete at the time this vulnerability was found (The End of Life announcement was made in 2013)."}], "lastModified": "2023-11-07T03:56:24.590", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:bosch:b420_firmware:02.02.0001:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B7DA704-7E31-42CE-894A-7F1F14208E14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:bosch:b420:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5F84AE9E-DFCD-41BE-92B7-93501C756316"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@bosch.com"}