PT-2022-6306 · Bosch · Bosch B420

Published: 2022-12-21 · Updated: 2023-08-08 · CVE-2022-47648

CVSS v3.1: 8.8 (High)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Bosch B420 firmware 02.02.0001

Description
The control panel of the Bosch B420 Ethernet module enforces access control improperly, allowing an attacker to bypass security restrictions and gain unauthorized access to protected information by sending specially crafted requests. The cause is IP-based authorization in the authentication mechanism: the device treats a client's source IP address as proof of an authenticated user, so an attacker on the same network as a legitimate user can access the device. The B420 module is obsolete; its End of Life was announced in 2013.

Recommendations
For Bosch B420 firmware 02.02.0001, restrict network access to the control panel to minimize the risk of exploitation, since the device's IP-based authorization can be bypassed by an attacker on the same network as a legitimate user. At the moment there is no information about a newer version that contains a fix for this vulnerability.
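To make the weakness class in the description concrete, the following Python is an added illustration (not Bosch code and not the B420's actual implementation, whose internals the advisory does not describe). It places an authorizer that remembers the source IP of a successful login next to one that issues a per-session token, and replays the same constructed request sequence against both. User names, passwords and addresses are constructed for the demo.

```python
import hmac
import secrets

# Constructed demo credentials; nothing here comes from the advisory.
USERS = {"installer": "correct-horse"}


class IpBoundAuthorizer:
    """Weak pattern: after one successful login, the client's source IP
    address is treated as proof of identity for every later request."""

    def __init__(self):
        self.trusted_ips = set()

    def login(self, src_ip, user, password):
        expected = USERS.get(user)
        if expected is not None and hmac.compare_digest(expected, password):
            self.trusted_ips.add(src_ip)
            return True
        return False

    def is_authorized(self, src_ip, token=None):
        # Any request carrying a remembered source address is accepted, whether
        # or not it comes from the host that actually logged in. This is the
        # network-position shortcut the advisory describes.
        return src_ip in self.trusted_ips


class TokenBoundAuthorizer:
    """Hardened pattern: login returns an unguessable session token and the
    token, not the address, is the credential. The source IP is pinned to the
    session only as an additional check, never as a substitute for the token."""

    def __init__(self):
        self.sessions = {}  # token -> src_ip the session was created from

    def login(self, src_ip, user, password):
        expected = USERS.get(user)
        if expected is None or not hmac.compare_digest(expected, password):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = src_ip
        return token

    def is_authorized(self, src_ip, token=None):
        if token is None:
            return False
        pinned_ip = self.sessions.get(token)
        return pinned_ip is not None and pinned_ip == src_ip

    def logout(self, token):
        self.sessions.pop(token, None)


def simulate(authorizer_cls):
    """Replay one constructed sequence against an authorizer and return the
    outcome of each step: the legitimate user logs in, then a request arrives
    from the same source address with no credential at all, which is how a
    second host in the same network position looks to the device."""
    auth = authorizer_cls()
    legit_ip = "192.0.2.10"  # constructed address from the RFC 5737 documentation range
    cred = auth.login(legit_ip, "installer", "correct-horse")
    token = cred if isinstance(cred, str) else None
    return {
        "login_ok": bool(cred),
        "legit_with_credential": auth.is_authorized(legit_ip, token),
        "same_ip_no_credential": auth.is_authorized(legit_ip, None),
        "bad_password_rejected": not auth.login(legit_ip, "installer", "wrong"),
    }


if __name__ == "__main__":
    for cls in (IpBoundAuthorizer, TokenBoundAuthorizer):
        print(cls.__name__, simulate(cls))
```

The only row that differs between the two authorizers is `same_ip_no_credential`: the IP-bound check accepts it, the token-bound check refuses it. Network segmentation of the control panel, as the recommendation above advises, limits who can reach that shortcut on a device that cannot be patched; replacing the shortcut with a per-session secret is what a fixed firmware would have to do.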

Weakness Enumeration

Improper Access Control
Improper Authentication
Authentication Bypass by Spoofing

Related Identifiers

BDU:2023-00801
CVE-2022-47648

Affected Products

Bosch B420