CVE-2018-20299

Vulnerability

The vulnerability is a buffer overflow (CWE-120) in the RCP+ parser of the web server in Bosch Smart Home 360° indoor camera and Eyes outdoor camera with firmware versions before 6.52.4 [1]. The issue allows a malicious client to trigger a buffer overflow via the network interface.

Exploitation

An attacker can exploit this vulnerability remotely without authentication or user interaction [1]. The attacker sends a specially crafted request to the web server's RCP+ parser, causing a buffer overflow. As of 2018-12-17, there is no indication of public exploit code [1].

Impact

Successful exploitation could allow unauthorized execution of code on the device [1]. The CVSSv3 base score is 9.4 (Critical) with vector AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H, indicating low confidentiality impact but high integrity and availability impact. The attacker gains the ability to execute arbitrary code, potentially compromising the camera's functionality and data.

Mitigation

Bosch released firmware version 6.52.4 on 2018-12-05 to address this vulnerability [1]. Customers are advised to update via the Bosch Smart Home camera app. No workarounds are mentioned. The advisory states that exploitation code is not publicly known [1].