CVE-2020-6786
HIGHBosch Video Recording Manager <= 3.71 - Uncontrolled Search Path Element via Installer DLL Loading
Title source: llmDescription
Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81 and 3.71 and older potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html
Scores
CVSS v3
7.8
EPSS
0.0035
EPSS Percentile
26.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-427
Status
published
Products (1)
bosch/video_recording_manager
< 3.71
Published
Mar 25, 2021
Tracked Since
Feb 18, 2026