Unrated severityNVD Advisory· Published Jan 19, 2022· Updated Sep 16, 2024
Lack of authentication mechanisms on the device
CVE-2021-23843
Description
The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker can circumvent this protection and make unauthorized changes to configuration data on the device. An attacker can exploit this vulnerability to manipulate the device\'s configuration or make it unresponsive in the local network. The attacker needs to have access to the local network, typically even the same subnet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- Bosch/AMSv5Range: unspecified
- Bosch/APEv5Range: unspecified
- Bosch/BISv5Range: unspecified
Patches
Vulnerability mechanics
References
1- psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.