CVE-2019-11896

A potential incorrect privilege assignment vulnerability exists in the 3rd party pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.907 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have successfully paired an app, which requires user interaction.

CVSS v3 7.1 HIGH
CVSS v2.0 6.8 MEDIUM

7.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://psirt.bosch.com/Advisory/BOSCH-SA-662084.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:bosch:smart_home_controller_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:bosch:smart_home_controller:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-05-29 21:29

Updated : 2023-12-10 12:59

NVD link : CVE-2019-11896

Mitre link : CVE-2019-11896

CVE.ORG link : CVE-2019-11896

JSON object : View

Products Affected

bosch

smart_home_controller_firmware
smart_home_controller

CWE

CWE-269

Improper Privilege Management

CWE-284

Improper Access Control

{"id": "CVE-2019-11896", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Secondary", "source": "psirt@bosch.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.1}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2019-05-29T21:29:02.153", "references": [{"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-662084.html", "tags": ["Vendor Advisory"], "source": "psirt@bosch.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-269"}]}, {"type": "Secondary", "source": "psirt@bosch.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A potential incorrect privilege assignment vulnerability exists in the 3rd party pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.907 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have successfully paired an app, which requires user interaction."}, {"lang": "es", "value": "Se presenta una vulnerabilidad potencial de asignaci\u00f3n de privilegios inapropiada en el mecanismo de emparejamiento de terceros (3rd party pairing) del Smart Home Controller (SHC) de Bosch anteriores de la versi\u00f3n 9.8.907, que puede conllevar a una aplicaci\u00f3n restringida obtenga los permisos de aplicaci\u00f3n por defecto. Para aprovechar la vulnerabilidad, el adversario necesita haber emparejado con exito una aplicaci\u00f3n, que requiere interacci\u00f3n con el usuario."}], "lastModified": "2020-10-06T14:55:58.277", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:bosch:smart_home_controller_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3C832EE-1A23-4EDE-A3D3-3DCB0D08E74C", "versionEndExcluding": "9.8.907"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:bosch:smart_home_controller:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "83665608-FC8C-4C92-9DAD-A025433DDD33"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@bosch.com"}