Description
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker to brute-force the device password.
Scores
CVSS v3
9.8
EPSS
0.0030
EPSS Percentile
53.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-521
Status
published
Products (1)
bosch/bf-os
3.0 - 3.83
Published
Aug 01, 2022
Tracked Since
Feb 18, 2026