Security Advisories
Below listed Security Advisories (SA) inform you about identified security vulnerabilities in our product or service and proposed solutions.
2024
| Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
|---|---|---|---|---|---|---|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.5
|
Affected Bosch Products
|
Title
Unrestricted resource consumption in BVMS
|
Publication Date
2024-10-16
|
Last Update
2024-10-16
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
8.4
|
Affected Bosch Products
|
Title
Sensitive information disclosure in Bosch Configuration Manager
|
Publication Date
2024-10-01
|
Last Update
2024-10-01
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.5
|
Affected Bosch Products
|
Title
Unauthenticated information leak in Bosch IP cameras
|
Publication Date
2024-08-21
|
Last Update
2024-08-21
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
8.6
|
Affected Bosch Products
|
Title
Multiple Curl vulnerabilities in the Git for Windows component of Bosch DIVAR IP all-in-one Devices
|
Publication Date
2024-08-07
|
Last Update
2024-08-07
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Remote code execution vulnerability has been found over an insecure connection in the Praesensa Logging Application, Praesideo Logging Application and Praesideo PC Call Station
|
Publication Date
2024-05-15
|
Last Update
2024-05-15
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
8.8
|
Affected Bosch Products
|
Title
Command Injection in Bosch Network Synchronizer
|
Publication Date
2024-03-20
|
Last Update
2024-04-24
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.3
|
Affected Bosch Products
|
Title
RPS and RPS-LITE operator and communication process vulnerabilities.
|
Publication Date
2024-03-13
|
Last Update
2024-03-13
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.8
|
Affected Bosch Products
|
Title
BVMS affected by Autodesk Design Review Multiple Vulnerabilities
|
Publication Date
2024-03-13
|
Last Update
2024-03-13
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Multiple OpenSSL vulnerabilities in BVMS
|
Publication Date
2024-03-06
|
Last Update
2024-03-06
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Git for Windows Multiple Security Vulnerabilities in Bosch DIVAR IP all-in-one Devices
|
Publication Date
2024-03-06
|
Last Update
2024-03-06
|
2023
| Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
|---|---|---|---|---|---|---|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.2
|
Affected Bosch Products
|
Title
Command injection vulnerability in Bosch IP Cameras
|
Publication Date
2023-12-13
|
Last Update
2023-12-13
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.5
|
Affected Bosch Products
|
Title
Denial of Service vulnerability in Bosch BT software products
|
Publication Date
2023-12-13
|
Last Update
2023-12-13
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
8.4
|
Affected Bosch Products
|
Title
Remote Code Execution in RTS VLink Virtual Matrix
|
Publication Date
2023-08-30
|
Last Update
2023-08-30
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Multiple Vulnerabilities PRA-ES8P2S Ethernet-Switch
|
Publication Date
2023-07-26
|
Last Update
2023-07-26
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
8.1
|
Affected Bosch Products
|
Title
Update in Cybersecurity Guidebook of BIS on Permission Settings for Network Share
|
Publication Date
2023-06-28
|
Last Update
2023-06-28
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
5.3
|
Affected Bosch Products
|
Title
Information Disclosure Vulnerability in Bosch IP cameras
|
Publication Date
2023-06-28
|
Last Update
2023-12-13
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
4.9
|
Affected Bosch Products
|
Title
Possible damage of secure element in Bosch IP cameras
|
Publication Date
2023-05-31
|
Last Update
2023-05-31
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
.NET Remote Code Execution Vulnerability in BVMS, BIS and AMS
|
Publication Date
2023-05-24
|
Last Update
2023-05-24
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
4.6
|
Affected Bosch Products
|
Title
Vulnerability in Wiegand card data interpretation
|
Publication Date
2023-05-24
|
Last Update
2023-05-24
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.1
|
Affected Bosch Products
|
Title
Unrestricted SSH port forwarding in BVMS
|
Publication Date
2023-05-24
|
Last Update
2023-05-24
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.6
|
Affected Bosch Products
|
Title
Insecure authentication in B420 legacy communication module
|
Publication Date
2023-04-26
|
Last Update
2023-04-26
|
2022
2022
| Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
|---|---|---|---|---|---|---|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Multiple Vulnerabilities PRA-ES8P2S Ethernet-Switch
|
Publication Date
2022-11-23
|
Last Update
2023-06-28
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
5.8
|
Affected Bosch Products
|
Title
Multiple Cross Site Scripting vulnerabilities in Bosch VIDEOJET multi 4000
|
Publication Date
2022-10-19
|
Last Update
2023-01-18
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Multiple Vulnerabilities in NetApp DSA E2800 series
|
Publication Date
2022-10-19
|
Last Update
2022-12-07
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.4
|
Affected Bosch Products
|
Title
Information Disclosure in VIDEOJET Decoder and Operator Client application in BVMS |
Publication Date
2022-09-21
|
Last Update
2022-09-21
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Multiple Vulnerabilities in BF-OS
|
Publication Date
2022-08-01
|
Last Update
2022-11-03
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Multiple Vulnerabilities PRA-ES8P2S Ethernet-Switch
BOSCH-SA-247052-BT |
Publication Date
2022-06-22
|
Last Update
2023-02-08
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Improper Control of Generation of Code in Bosch MATRIX
|
Publication Date
2022-04-27
|
Last Update
2022-04-27
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
6.8
|
Affected Bosch Products
|
Title
Buffer Overflow Vulnerability in Recovery Image
|
Publication Date
2022-03-30
|
Last Update
2022-09-07
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Bosch Fire Monitoring System (FSM) affected by log4net Vulnerability
|
Publication Date
2022-03-23
|
Last Update
2024-07-03
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Improper Restriction of XML External Entity Reference in BVMS
|
Publication Date
2022-03-16
|
Last Update
2022-03-16
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
6.1
|
Affected Bosch Products
|
Title
Injection of arbitrary HTML code in Bosch Video Security Android App
|
Publication Date
2022-01-26
|
Last Update
2022-09-07
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
8.8
|
Affected Bosch Products
|
Title
Multiple vulnerabilities in Bosch AMC2 (Access Modular Controller)
|
Publication Date
2022-01-19
|
Last Update
2022-01-28
|
2021
2021
| Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
|---|---|---|---|---|---|---|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
10.0
|
Affected Bosch Products
|
Title
Log4j Vulnerabilities - Impact on PRAESENSA Advanced Public Address Server (PRA-APAS) |
Publication Date
2021-12-22
|
Last Update
2021-12-22
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.1
|
Affected Bosch Products
|
Title
Multiple Vulnerabilities in Bosch BT software products
|
Publication Date
2021-12-08
|
Last Update
2021-12-08
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.5
|
Affected Bosch Products
|
Title
Cross Site Request Forgery (CSRF) vulnerability in Bosch IP cameras
|
Publication Date
2021-08-04
|
Last Update
2021-10-07
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Multiple vulnerabilities in Bosch IP cameras
|
Publication Date
2021-06-09
|
Last Update
2021-06-09
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
8.8
|
Affected Bosch Products
|
Title
Several Vulnerabilities in Bosch B426, B426-CN/B429-CN, and B426-M
|
Publication Date
2021-05-28
|
Last Update
2023-02-03
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.8
|
Affected Bosch Products
|
Title
Software Vulnerabilities: Uncontrolled Search Path Element
|
Publication Date
2021-03-24
|
Last Update
2021-03-30
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
4.2
|
Affected Bosch Products
|
Title
Side Channel Key Extraction IP Cameras and Encoders Vulnerability
|
Publication Date
2021-03-03
|
Last Update
2021-03-03
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
10.0
|
Affected Bosch Products
|
Title
Two vulnerabilities in Bosch Fire Monitoring System (FSM)
|
Publication Date
2021-01-20
|
Last Update
2024-07-03
|
2020
2020
| Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
|---|---|---|---|---|---|---|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
8.8
|
Affected Bosch Products
|
Title
Vulnerabilities in Bosch PRAESIDEO and PRAESENSA
|
Publication Date
2020-09-30
|
Last Update
2020-09-30
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Multiple Vulnerabilities in Bosch Recording Station (BRS)
|
Publication Date
2020-05-27
|
Last Update
2020-05-27
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
7.7
|
Affected Bosch Products
|
Title
Path Traversal BVMS Vulnerability
|
Publication Date
2020-01-29
|
Last Update
2020-01-29
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
8.6
|
Affected Bosch Products
|
Title
NoTouch deployment service BVMS Vulnerability
|
Publication Date
2020-01-29
|
Last Update
2020-01-29
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
10.0
|
Affected Bosch Products
|
Title
Missing Authentication for Critical Function Video Streaming Gateway Vulnerability
|
Publication Date
2020-01-29
|
Last Update
2020-01-29
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
10.0
|
Affected Bosch Products
|
Title
Deserialization of Untrusted Data - BVMS Mobile Video Service Vulnerability
|
Publication Date
2020-01-29
|
Last Update
2020-01-29
|
2019
2019
| Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
|---|---|---|---|---|---|---|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.9
|
Affected Bosch Products
|
Title
Hard-coded Credentials in Access Professional Edition 3.7 downwards
|
Publication Date
2019-09-11
|
Last Update
2019-09-11
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
8.8
|
Affected Bosch Products
|
Title
Improper Access Control in Access Professional Edition 3.7 downwards
|
Publication Date
2019-09-11
|
Last Update
2019-09-11
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Vulnerability for Windows Remote Desktop Services (RDP) Remote Code Execution
|
Publication Date
2019-09-03
|
Last Update
2019-09-03
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
|
Title
Vulnerability for Windows Remote Desktop Services (RDP) Remote Code Execution
|
Publication Date
2019-06-12
|
Last Update
2019-06-12
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.9
|
Affected Bosch Products
|
Title
Unauthenticated Certificate Access in Video Recording Manager
|
Publication Date
2019-05-09
|
Last Update
2022-02-09
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
Bosch Video Management System,
DIVAR IP, Video Recording Manager, Video Streaming Gateway, Configuration Manager, Building Integration System with Video Engine, Access Professional Edition, Access Easy Controller, Bosch Video Client, Video SDK |
Title
Software Buffer Overflow
|
Publication Date
2019-04-03
|
Last Update
2019-04-03
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
9.8
|
Affected Bosch Products
Bosch Video Management System, DIVAR IP, Configuration Manager, Building Integration System with Video Engine, Access Professional Edition, Access Easy Controller, Bosch Video Client, Video SDK |
Title
Improper Access Control
|
Publication Date
2019-04-03
|
Last Update
2019-04-03
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
6.1
|
Affected Bosch Products
Video Recording Manager
|
Title
Open Redirect
|
Publication Date
2019-04-03
|
Last Update
2019-04-03
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
4.9
|
Affected Bosch Products
Video Recording Manager
|
Title
Path Traversal
|
Publication Date
2019-04-03
|
Last Update
2019-04-03
|
| Security Advisory ID |
Assigned CVE IDs
|
CVSS* Score
10
|
Affected Bosch Products
|
Title
DIVAR 400 & 600 series Vulnerability
|
Publication Date
2019‑01‑09
|
Last Update
2019‑01‑18
|
2018
2018
| Security Advisory ID | Assigned CVE IDs | CVSS* Score | Affected Bosch Products | Title | Publication Date | Last Update |
|---|---|---|---|---|---|---|
|
Security Advisory ID
BOSCH‑2018 ‑1202‑BT
|
Assigned CVE IDs
|
CVSS* Score
9.4
|
Affected Bosch Products
|
Title
Bosch IP Camera Vulnerability
|
Publication Date
2018‑12‑12
|
Last Update
2022-02-10
|
Security Advisory RSS feed
In order to stay up-to-date on Security Advisory updates, please subscribe to the RSS feed below.
How it works:
- Click and copy the URL below
- In Microsoft Outlook, locate and right-click 'RSS Feeds' in the navigation tree. (or use another RSS reader)
- Right-click 'RSS subscriptions' and select 'add a new RSS feed'
- Paste the URL into the window that has opened
- Click ‘add’
- For a detailed explanation, please watch this video.