CVE-2019-11896

A potential incorrect privilege assignment vulnerability exists in the 3rd party pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.907 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have successfully paired an app, which requires user interaction.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:bosch:smart_home_controller_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:bosch:smart_home_controller:-:*:*:*:*:*:*:*

Information

Published : 2019-05-29 14:29

Updated : 2020-10-06 07:55


NVD link : CVE-2019-11896

Mitre link : CVE-2019-11896


JSON object : View

CWE
CWE-269

Improper Privilege Management

Advertisement

dedicated server usa

Products Affected

bosch

  • smart_home_controller_firmware
  • smart_home_controller