CVE-2021-23842

Use of Hard-coded Cryptographic Key

CVSS 5.7 MEDIUMEPSS 0.1%CWE-321

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.7EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

19 Jan 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and modify network traffic, decrypt and further investigate the device\'s firmware file, and change the device configuration. The attacker needs to have access to the local network, typically even the same subnet.

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Bosch · AMC2 Bosch · AMS Bosch · APE Bosch · BIS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html