Security Advisories
Below listed Security Advisories (SA) inform you about identified security vulnerabilities in our product or service and proposed solutions.
2024
Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
---|---|---|---|---|---|---|
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.5 | Affected Bosch Products
| Title Unrestricted resource consumption in BVMS | Publication Date 2024-10-16 | Last Update 2024-10-16 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 8.4 | Affected Bosch Products
| Title Sensitive information disclosure in Bosch Configuration Manager | Publication Date 2024-10-01 | Last Update 2024-10-01 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.5 | Affected Bosch Products
| Title Unauthenticated information leak in Bosch IP cameras | Publication Date 2024-08-21 | Last Update 2024-08-21 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 8.6 | Affected Bosch Products
| Title Multiple Curl vulnerabilities in the Git for Windows component of Bosch DIVAR IP all-in-one Devices | Publication Date 2024-08-07 | Last Update 2024-08-07 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Remote code execution vulnerability has been found over an insecure connection in the Praesensa Logging Application, Praesideo Logging Application and Praesideo PC Call Station | Publication Date 2024-05-15 | Last Update 2024-05-15 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 8.8 | Affected Bosch Products
| Title Command Injection in Bosch Network Synchronizer | Publication Date 2024-03-20 | Last Update 2024-04-24 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.3 | Affected Bosch Products
| Title RPS and RPS-LITE operator and communication process vulnerabilities. | Publication Date 2024-03-13 | Last Update 2024-03-13 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.8 | Affected Bosch Products
| Title BVMS affected by Autodesk Design Review Multiple Vulnerabilities | Publication Date 2024-03-13 | Last Update 2024-03-13 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Multiple OpenSSL vulnerabilities in BVMS | Publication Date 2024-03-06 | Last Update 2024-03-06 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Git for Windows Multiple Security Vulnerabilities in Bosch DIVAR IP all-in-one Devices | Publication Date 2024-03-06 | Last Update 2024-03-06 |
2023
Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
---|---|---|---|---|---|---|
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.2 | Affected Bosch Products
| Title Command injection vulnerability in Bosch IP Cameras | Publication Date 2023-12-13 | Last Update 2023-12-13 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.5 | Affected Bosch Products
| Title Denial of Service vulnerability in Bosch BT software products | Publication Date 2023-12-13 | Last Update 2023-12-13 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 8.4 | Affected Bosch Products
| Title Remote Code Execution in RTS VLink Virtual Matrix | Publication Date 2023-08-30 | Last Update 2023-08-30 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Multiple Vulnerabilities PRA-ES8P2S Ethernet-Switch | Publication Date 2023-07-26 | Last Update 2023-07-26 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 8.1 | Affected Bosch Products
| Title Update in Cybersecurity Guidebook of BIS on Permission Settings for Network Share | Publication Date 2023-06-28 | Last Update 2023-06-28 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 5.3 | Affected Bosch Products
| Title Information Disclosure Vulnerability in Bosch IP cameras | Publication Date 2023-06-28 | Last Update 2023-12-13 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 4.9 | Affected Bosch Products
| Title Possible damage of secure element in Bosch IP cameras | Publication Date 2023-05-31 | Last Update 2023-05-31 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title .NET Remote Code Execution Vulnerability in BVMS, BIS and AMS | Publication Date 2023-05-24 | Last Update 2023-05-24 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 4.6 | Affected Bosch Products
| Title Vulnerability in Wiegand card data interpretation | Publication Date 2023-05-24 | Last Update 2023-05-24 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.1 | Affected Bosch Products
| Title Unrestricted SSH port forwarding in BVMS | Publication Date 2023-05-24 | Last Update 2023-05-24 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.6 | Affected Bosch Products
| Title Insecure authentication in B420 legacy communication module | Publication Date 2023-04-26 | Last Update 2023-04-26 |
2022
2022
Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
---|---|---|---|---|---|---|
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Multiple Vulnerabilities PRA-ES8P2S Ethernet-Switch | Publication Date 2022-11-23 | Last Update 2023-06-28 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 5.8 | Affected Bosch Products
| Title Multiple Cross Site Scripting vulnerabilities in Bosch VIDEOJET multi 4000 | Publication Date 2022-10-19 | Last Update 2023-01-18 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Multiple Vulnerabilities in NetApp DSA E2800 series | Publication Date 2022-10-19 | Last Update 2022-12-07 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.4 | Affected Bosch Products
| Title Information Disclosure in VIDEOJET Decoder and Operator Client application in BVMS | Publication Date 2022-09-21 | Last Update 2022-09-21 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Multiple Vulnerabilities in BF-OS | Publication Date 2022-08-01 | Last Update 2022-11-03 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Multiple Vulnerabilities PRA-ES8P2S Ethernet-Switch BOSCH-SA-247052-BT | Publication Date 2022-06-22 | Last Update 2023-02-08 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Improper Control of Generation of Code in Bosch MATRIX | Publication Date 2022-04-27 | Last Update 2022-04-27 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 6.8 | Affected Bosch Products
| Title Buffer Overflow Vulnerability in Recovery Image | Publication Date 2022-03-30 | Last Update 2022-09-07 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Bosch Fire Monitoring System (FSM) affected by log4net Vulnerability | Publication Date 2022-03-23 | Last Update 2024-07-03 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Improper Restriction of XML External Entity Reference in BVMS | Publication Date 2022-03-16 | Last Update 2022-03-16 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 6.1 | Affected Bosch Products
| Title Injection of arbitrary HTML code in Bosch Video Security Android App | Publication Date 2022-01-26 | Last Update 2022-09-07 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 8.8 | Affected Bosch Products
| Title Multiple vulnerabilities in Bosch AMC2 (Access Modular Controller) | Publication Date 2022-01-19 | Last Update 2022-01-28 |
2021
2021
Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
---|---|---|---|---|---|---|
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 10.0 | Affected Bosch Products
| Title Log4j Vulnerabilities - Impact on PRAESENSA Advanced Public Address Server (PRA-APAS) | Publication Date 2021-12-22 | Last Update 2021-12-22 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.1 | Affected Bosch Products
| Title Multiple Vulnerabilities in Bosch BT software products | Publication Date 2021-12-08 | Last Update 2021-12-08 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.5 | Affected Bosch Products
| Title Cross Site Request Forgery (CSRF) vulnerability in Bosch IP cameras | Publication Date 2021-08-04 | Last Update 2021-10-07 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Multiple vulnerabilities in Bosch IP cameras | Publication Date 2021-06-09 | Last Update 2021-06-09 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 8.8 | Affected Bosch Products
| Title Several Vulnerabilities in Bosch B426, B426-CN/B429-CN, and B426-M | Publication Date 2021-05-28 | Last Update 2023-02-03 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.8 | Affected Bosch Products
| Title Software Vulnerabilities: Uncontrolled Search Path Element | Publication Date 2021-03-24 | Last Update 2021-03-30 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 4.2 | Affected Bosch Products
| Title Side Channel Key Extraction IP Cameras and Encoders Vulnerability | Publication Date 2021-03-03 | Last Update 2021-03-03 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 10.0 | Affected Bosch Products
| Title Two vulnerabilities in Bosch Fire Monitoring System (FSM) | Publication Date 2021-01-20 | Last Update 2024-07-03 |
2020
2020
Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
---|---|---|---|---|---|---|
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 8.8 | Affected Bosch Products
| Title Vulnerabilities in Bosch PRAESIDEO and PRAESENSA | Publication Date 2020-09-30 | Last Update 2020-09-30 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Multiple Vulnerabilities in Bosch Recording Station (BRS) | Publication Date 2020-05-27 | Last Update 2020-05-27 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 7.7 | Affected Bosch Products
| Title Path Traversal BVMS Vulnerability | Publication Date 2020-01-29 | Last Update 2020-01-29 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 8.6 | Affected Bosch Products
| Title NoTouch deployment service BVMS Vulnerability | Publication Date 2020-01-29 | Last Update 2020-01-29 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 10.0 | Affected Bosch Products
| Title Missing Authentication for Critical Function Video Streaming Gateway Vulnerability | Publication Date 2020-01-29 | Last Update 2020-01-29 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 10.0 | Affected Bosch Products
| Title Deserialization of Untrusted Data - BVMS Mobile Video Service Vulnerability | Publication Date 2020-01-29 | Last Update 2020-01-29 |
2019
2019
Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
---|---|---|---|---|---|---|
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.9 | Affected Bosch Products
| Title Hard-coded Credentials in Access Professional Edition 3.7 downwards | Publication Date 2019-09-11 | Last Update 2019-09-11 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 8.8 | Affected Bosch Products
| Title Improper Access Control in Access Professional Edition 3.7 downwards | Publication Date 2019-09-11 | Last Update 2019-09-11 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Vulnerability for Windows Remote Desktop Services (RDP) Remote Code Execution | Publication Date 2019-09-03 | Last Update 2019-09-03 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products
| Title Vulnerability for Windows Remote Desktop Services (RDP) Remote Code Execution | Publication Date 2019-06-12 | Last Update 2019-06-12 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.9 | Affected Bosch Products
| Title Unauthenticated Certificate Access in Video Recording Manager | Publication Date 2019-05-09 | Last Update 2022-02-09 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products Bosch Video Management System, DIVAR IP, Video Recording Manager, Video Streaming Gateway, Configuration Manager, Building Integration System with Video Engine, Access Professional Edition, Access Easy Controller, Bosch Video Client, Video SDK | Title Software Buffer Overflow | Publication Date 2019-04-03 | Last Update 2019-04-03 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 9.8 | Affected Bosch Products Bosch Video Management System, DIVAR IP, Configuration Manager, Building Integration System with Video Engine, Access Professional Edition, Access Easy Controller, Bosch Video Client, Video SDK | Title Improper Access Control | Publication Date 2019-04-03 | Last Update 2019-04-03 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 6.1 | Affected Bosch Products Video Recording Manager | Title Open Redirect | Publication Date 2019-04-03 | Last Update 2019-04-03 |
Security Advisory ID | Assigned CVE IDs
| CVSS* Score 4.9 | Affected Bosch Products Video Recording Manager | Title Path Traversal | Publication Date 2019-04-03 | Last Update 2019-04-03 |
Security Advisory ID | Assigned CVE IDs | CVSS* Score 10 | Affected Bosch Products
| Title DIVAR 400 & 600 series Vulnerability | Publication Date 2019‑01‑09 | Last Update 2019‑01‑18 |
2018
2018
Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
---|---|---|---|---|---|---|
Security Advisory ID BOSCH‑2018 ‑1202‑BT | Assigned CVE IDs
| CVSS* Score 9.4 | Affected Bosch Products
| Title Bosch IP Camera Vulnerability | Publication Date 2018‑12‑12 | Last Update 2022-02-10 |
Security Advisory RSS feed
In order to stay up-to-date on Security Advisory updates, please subscribe to the RSS feed below.
How it works:
- Click and copy the URL below
- In Microsoft Outlook, locate and right-click 'RSS Feeds' in the navigation tree. (or use another RSS reader)
- Right-click 'RSS subscriptions' and select 'add a new RSS feed'
- Paste the URL into the window that has opened
- Click ‘add’
- For a detailed explanation, please watch this video.