Filtered by vendor Bosch
Subscribe
Search
Total
32 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32230 | 1 Bosch | 7 Monitor Wall, Video Recording Manager, Video Streaming Gateway and 4 more | 2023-12-22 | N/A | 7.5 HIGH |
| An improper handling of a malformed API request to an API server in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. | |||||
| CVE-2023-39509 | 1 Bosch | 4 Cpp13, Cpp13 Firmware, Cpp14 and 1 more | 2023-12-22 | N/A | 7.2 HIGH |
| A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administrative rights to run arbitrary commands on the OS of the camera. | |||||
| CVE-2022-47648 | 1 Bosch | 2 B420, B420 Firmware | 2023-08-08 | N/A | 8.8 HIGH |
| An Improper Access Control vulnerability allows an attacker to access the control panel of the B420 without requiring any sort of authorization or authentication due to the IP based authorization. If an authorized user has accessed a publicly available B420 product using valid credentials, an insider attacker can gain access to the same panel without requiring any sort of authorization. The B420 module was already obsolete at the time this vulnerability was found (The End of Life announcement was made in 2013). | |||||
| CVE-2022-32536 | 1 Bosch | 2 Pra-es8p2s, Pra-es8p2s Firmware | 2022-07-01 | 9.0 HIGH | 8.8 HIGH |
| The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights. | |||||
| CVE-2021-23842 | 1 Bosch | 5 Access Management System, Access Professional Edition, Amc2 and 2 more | 2022-01-28 | 3.6 LOW | 7.1 HIGH |
| Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and modify network traffic, decrypt and further investigate the device\'s firmware file, and change the device configuration. The attacker needs to have access to the local network, typically even the same subnet. | |||||
| CVE-2021-23843 | 1 Bosch | 5 Access Management System, Access Professional Edition, Amc2 and 2 more | 2022-01-28 | 4.6 MEDIUM | 7.8 HIGH |
| The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker can circumvent this protection and make unauthorized changes to configuration data on the device. An attacker can exploit this vulnerability to manipulate the device\'s configuration or make it unresponsive in the local network. The attacker needs to have access to the local network, typically even the same subnet. | |||||
| CVE-2021-23862 | 1 Bosch | 8 Bosch Video Management System, Divar Ip 5000 Firmware, Divar Ip 7000 Firmware and 5 more | 2021-12-14 | 9.0 HIGH | 7.2 HIGH |
| A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder (VJD-7513 and VJD-8000). | |||||
| CVE-2021-23859 | 1 Bosch | 9 Access Easy Controller, Access Easy Controller Firmware, Access Professional Edition and 6 more | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859 | |||||
| CVE-2021-23858 | 1 Bosch | 24 Indracontrol Xlc, Indracontrol Xlc Firmware, Rexroth Indramotion Mlc L20 and 21 more | 2021-10-14 | 7.8 HIGH | 7.5 HIGH |
| Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. Additionally, device details are exposed which include the serial number and the firmware version by another unprotected web server resource. | |||||
| CVE-2021-23855 | 1 Bosch | 4 Rexroth Indramotion Mlc, Rexroth Indramotion Mlc Firmware, Rexroth Indramotion Xlc and 1 more | 2021-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow tables. | |||||
| CVE-2021-23849 | 1 Bosch | 14 Aviotec, Aviotec Firmware, Cpp13 and 11 more | 2021-08-12 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability in the web-based interface allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (CSRF - Cross Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or opening a malicious website while being logged in into the camera. | |||||
| CVE-2021-23845 | 1 Bosch | 8 B426, B426-cn, B426-cn Firmware and 5 more | 2021-06-24 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M and has been fixed already starting from version 3.08 on, which was released on June 2019. | |||||
| CVE-2020-6771 | 1 Bosch | 1 Ip Helper | 2021-03-25 | 6.9 MEDIUM | 7.8 HIGH |
| Loading a DLL through an Uncontrolled Search Path Element in Bosch IP Helper up to and including version 1.00.0008 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same application directory as the portable IP Helper application. | |||||
| CVE-2020-6790 | 1 Bosch | 1 Video Streaming Gateway | 2021-03-25 | 6.9 MEDIUM | 7.8 HIGH |
| Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious exe in the same directory where the installer is started from. | |||||
| CVE-2020-6785 | 1 Bosch | 5 Divar Ip 7000 R2, Divar Ip All-in-one 5000, Divar Ip All-in-one 7000 and 2 more | 2021-03-25 | 6.9 MEDIUM | 7.8 HIGH |
| Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1. | |||||
| CVE-2020-6787 | 1 Bosch | 1 Video Client | 2021-03-25 | 6.9 MEDIUM | 7.8 HIGH |
| Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Client installer up to and including version 1.7.6.079 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from. | |||||
| CVE-2020-6786 | 1 Bosch | 1 Video Recording Manager | 2021-03-25 | 6.9 MEDIUM | 7.8 HIGH |
| Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81 and 3.71 and older potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from. | |||||
| CVE-2020-6788 | 1 Bosch | 1 Configuration Manager | 2021-03-25 | 6.9 MEDIUM | 7.8 HIGH |
| Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from. | |||||
| CVE-2020-6789 | 1 Bosch | 1 Monitor Wall | 2021-03-25 | 6.9 MEDIUM | 7.8 HIGH |
| Loading a DLL through an Uncontrolled Search Path Element in the Bosch Monitor Wall installer up to and including version 10.00.0164 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from. | |||||
| CVE-2020-6776 | 1 Bosch | 4 Praesensa, Praesensa Firmware, Praesideo and 1 more | 2021-01-21 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability in the web-based management interface of Bosch PRAESIDEO until and including version 4.41 and Bosch PRAESENSA until and including version 1.10 allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (Cross-Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or submitting a malicious form. A successful exploit allows the attacker to perform arbitrary actions with the privileges of the victim, e.g. creating and modifying user accounts, changing system configuration settings and cause DoS conditions. Note: For Bosch PRAESIDEO 4.31 and newer and Bosch PRAESENSA in all versions, the confidentiality impact is considered low because user credentials are not shown in the web interface. | |||||
| CVE-2019-11899 | 1 Bosch | 1 Access | 2020-10-08 | 4.0 MEDIUM | 7.5 HIGH |
| An unauthenticated attacker can achieve unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation. With Bosch Access Professional Edition (APE) 3.8, client installations need to be authorized by the APE administrator. | |||||
| CVE-2019-11896 | 1 Bosch | 2 Smart Home Controller, Smart Home Controller Firmware | 2020-10-06 | 6.8 MEDIUM | 7.1 HIGH |
| A potential incorrect privilege assignment vulnerability exists in the 3rd party pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.907 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have successfully paired an app, which requires user interaction. | |||||
| CVE-2019-11893 | 1 Bosch | 2 Smart Home Controller, Smart Home Controller Firmware | 2020-10-06 | 4.9 MEDIUM | 8.0 HIGH |
| A potential incorrect privilege assignment vulnerability exists in the app permission update API of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have successfully paired an app with restricted permissions, which required user interaction. | |||||
| CVE-2019-11892 | 1 Bosch | 2 Smart Home Controller, Smart Home Controller Firmware | 2020-10-06 | 6.8 MEDIUM | 8.0 HIGH |
| A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in reading or modification of the SHC's configuration or triggering and restoring backups. In order to exploit the vulnerability, the adversary needs to have successfully paired an app or service, which requires user interaction. | |||||
| CVE-2019-11891 | 1 Bosch | 2 Smart Home Controller, Smart Home Controller Firmware | 2020-10-06 | 5.4 MEDIUM | 8.0 HIGH |
| A potential incorrect privilege assignment vulnerability exists in the app pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in elevated privileges of the adversary's choosing. In order to exploit the vulnerability, the adversary needs physical access to the SHC during the attack. | |||||
| CVE-2020-6781 | 1 Bosch | 1 Smart Home | 2020-09-22 | 5.8 MEDIUM | 7.4 HIGH |
| Improper certificate validation for certain connections in the Bosch Smart Home System App for iOS prior to version 9.17.1 potentially allows to intercept video contents by performing a man-in-the-middle attack. | |||||
| CVE-2020-6774 | 1 Bosch | 2 Recording Station, Recording Station Firmware | 2020-05-29 | 7.2 HIGH | 8.8 HIGH |
| Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system. | |||||
| CVE-2020-6768 | 1 Bosch | 5 Divar Ip 3000, Divar Ip 7000, Divar Ip All-in-one 5000 and 2 more | 2020-02-12 | 5.0 MEDIUM | 7.5 HIGH |
| A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed. | |||||
| CVE-2019-11601 | 1 Bosch | 2 Iot Gateway Software, Prosyst Mbs Sdk | 2019-10-09 | 6.4 MEDIUM | 7.5 HIGH |
| A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location. | |||||
| CVE-2019-11897 | 1 Bosch | 2 Iot Gateway Software, Prosyst Mbs Sdk | 2019-10-09 | 5.0 MEDIUM | 8.6 HIGH |
| A Server-Side Request Forgery (SSRF) vulnerability in the backup & restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs. In addition, this could potentially allow an attacker to read sensitive zip files from the local server. | |||||
| CVE-2019-11603 | 1 Bosch | 2 Iot Gateway Software, Prosyst Mbs Sdk | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root. | |||||
| CVE-2019-7728 | 1 Bosch | 1 Smart Camera | 2019-02-22 | 5.1 MEDIUM | 7.5 HIGH |
| An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to improperly implemented TLS certificate checks, a malicious actor could potentially succeed in executing a man-in-the-middle attack for some connections. (The Bosch Smart Home App is not affected. iOS Apps are not affected.) | |||||