What is CVE-2020-6779?

CVE-2020-6779 is a vulnerability that allows an unauthenticated remote attacker to log into the database of Bosch FSM-2500 server and Bosch FSM-5000 server with admin privileges.

What is the severity of CVE-2020-6779?

CVE-2020-6779 has a severity level of critical (10/10).

Where can I find more information about CVE-2020-6779?

You can find more information about CVE-2020-6779 at the following link: [Bosch Security Advisory](https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html).

Vulnerability/
CVE-2020-6779

critical

CWE

798

25/1/2021

16/9/2024

CVE-2020-6779: Hard-coded Credentials in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server

Q: How does CVE-2020-6779 impact the affected software?

CVE-2020-6779 may result in complete compromise of the confidentiality and integrity of the affected software.

Q: How do I fix CVE-2020-6779?

To fix CVE-2020-6779, update the Bosch FSM-2500 server and Bosch FSM-5000 server firmware to version 5.3 or later.

First published: Mon Jan 25 2021(Updated: )

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of the stored data as well as a high availability impact on the database itself. In addition, an attacker may execute arbitrary commands on the underlying operating system.

Credit: psirt@bosch.com

Affected Software	Affected Version	How to fix
Bosch Fsm-2500 Firmware	<=5.2
Bosch FSM-2500
Bosch Fsm-5000 Firmware	<=5.2
Bosch FSM-5000

Never miss a vulnerability like this again

Reference Links

https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html

Frequently Asked Questions

What is CVE-2020-6779?
CVE-2020-6779 is a vulnerability that allows an unauthenticated remote attacker to log into the database of Bosch FSM-2500 server and Bosch FSM-5000 server with admin privileges.
What is the severity of CVE-2020-6779?
CVE-2020-6779 has a severity level of critical (10/10).
How does CVE-2020-6779 impact the affected software?
CVE-2020-6779 may result in complete compromise of the confidentiality and integrity of the affected software.
How do I fix CVE-2020-6779?
To fix CVE-2020-6779, update the Bosch FSM-2500 server and Bosch FSM-5000 server firmware to version 5.3 or later.
Where can I find more information about CVE-2020-6779?
You can find more information about CVE-2020-6779 at the following link: [Bosch Security Advisory](https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html).

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/author
agent/last-modified-date
agent/title
agent/weakness
agent/tags
agent/first-publish-date
agent/description
agent/event
vendor/bosch
canonical/bosch fsm-2500 firmware
version/bosch fsm-2500 firmware/5.2
canonical/bosch fsm-2500
canonical/bosch fsm-5000 firmware
version/bosch fsm-5000 firmware/5.2
canonical/bosch fsm-5000

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.