CVE-2020-6788

Summary

Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.

Affected Software

VendorProductVersion RangeStatus
BoschConfiguration Managerunspecified <= 7.21.0078affected

Weaknesses

  • CWE-427: CWE-427 Uncontrolled Search Path Element

ADP Enrichment

CVE Program Container

Additional References

References