CVE-2020-6774

CRITICAL

Bosch Recording Station Firmware - Improper Access Control

Title source: rule

Description

Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system.

References (1)

[Vendor Advisory] https://psirt.bosch.com/security-advisories/BOSCH-SA-363824-BT.html

Scores

CVSS v3 9.3

EPSS 0.0004

EPSS Percentile 13.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Classification

CWE

CWE-284 CWE-668

Status published

Affected Products (1)

bosch/recording_station_firmware

Timeline

Published May 27, 2020

Tracked Since Feb 18, 2026