Vendor CVEs
Bosch
All CVEs
72 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-25002 | Bosch | High | 0.57 | 8.8 | 0.01 | | Mar 25, 2024 | Command Injection in the diagnostics interface of the Bosch Network Synchronizer allows unauthorized users full access to the device. |
| CVE-2024-33618 | Bosch | High | 0.49 | 7.5 | 0.00 | | Apr 15, 2026 | Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via the network interface. |
| CVE-2016-4507 | Bosch | Medium | 0.42 | 6.4 | 0.01 | | Jul 6, 2016 | SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. |
| CVE-2016-4508 | Bosch | Medium | 0.40 | 6.1 | 0.01 | | Jul 6, 2016 | Cross-site scripting (XSS) vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2023-32228 | Bosch | Medium | 0.30 | 4.6 | 0.00 | | Apr 11, 2024 | A firmware bug which may lead to misinterpretation of data in the AMC2-4WCF and AMC2-2WCF, allowing an adversary to grant access to the last authorized user. |
| CVE-2015-6970 | Bosch | | 0.04 | — | 0.05 | | Feb 18, 2020 | The web interface in Bosch Security Systems NBN-498 Dinion2X Day/Night IP Cameras with H.264 Firmware 4.54.0026 allows remote attackers to conduct XML injection attacks via the idstring parameter to rcp.xml. |
| CVE-2021-33547 | Bosch | | 0.02 | — | 0.03 | | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code. |
| CVE-2020-6779 | Bosch | | 0.01 | — | 0.04 | | Jan 25, 2021 | Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin privileges. This may result in complete compromise of the… |
| CVE-2020-6770 | Bosch | | 0.01 | — | 0.04 | | Feb 7, 2020 | Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.0.329 and 7.5 and older. This… |
| CVE-2023-49722 | Bosch | | 0.00 | — | 0.00 | | Jan 9, 2024 | Network port 8899 open in WiFi firmware of BCC101/BCC102/BCC50 products, which allows an attacker to connect to the device via the same WiFi network. |
| CVE-2022-41677 | Bosch | | 0.00 | — | 0.01 | | Dec 18, 2023 | An information disclosure vulnerability was discovered in Bosch IP camera devices allowing an unauthenticated attacker to retrieve information (like capabilities) about the device itself and network settings of the device, disclosing possibly internal network settings if the… |
| CVE-2023-35867 | Bosch | | 0.00 | — | 0.01 | | Dec 18, 2023 | Improper handling of malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through… |
| CVE-2023-32230 | Bosch | | 0.00 | — | 0.01 | | Dec 18, 2023 | Improper handling of a malformed API request to an API server in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. |
| CVE-2023-46102 | Bosch | | 0.00 | — | 0.00 | | Oct 25, 2023 | The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker to exchange messages and receive commands to execute on the HMI device. The protocol built on top of MQTT to implement the remote management of the device is encrypted with a… |
| CVE-2023-45851 | Bosch | | 0.00 | — | 0.00 | | Oct 25, 2023 | The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker without enforcing any server authentication. This issue allows an attacker to force the Android Client application to connect to a malicious MQTT broker, enabling it to send fake… |
| CVE-2023-45321 | Bosch | | 0.00 | — | 0.00 | | Oct 25, 2023 | The Android Client application, when enrolled with the define method 1 (the user manually inserts the server IP address), uses the HTTP protocol to retrieve sensitive information (IP address and credentials to connect to a remote MQTT broker entity) instead of HTTPS, and this feature… |
| CVE-2023-45220 | Bosch | | 0.00 | — | 0.00 | | Oct 25, 2023 | The Android Client application, when enrolled with the define method 1 (the user manually inserts the server IP address), uses the HTTP protocol to retrieve sensitive information (IP address and credentials to connect to a remote MQTT broker entity) instead of HTTPS, and this feature… |
| CVE-2023-41960 | Bosch | | 0.00 | — | 0.00 | | Oct 25, 2023 | The vulnerability allows an unprivileged (untrusted) third-party application to interact with a content provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself. |
| CVE-2023-41255 | Bosch | | 0.00 | — | 0.00 | | Oct 25, 2023 | The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself, abusing the lack of authentication of the ‘su’ binary installed on the device that can be accessed through the ADB (Android Debug… |
| CVE-2023-29241 | Bosch | | 0.00 | — | 0.00 | | Jun 30, 2023 | Improper Information in the Cybersecurity Guidebook of Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local users to access data via the network. |
| CVE-2023-28175 | Bosch | | 0.00 | — | 0.00 | | Jun 15, 2023 | Improper Authorization in the SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request. |
| CVE-2023-27107 | Bosch | | 0.00 | — | 0.01 | | Apr 26, 2023 | Incorrect access control in the runReport function of MyQ Solution Print Server before 8.2 Patch 32 and Central Server before 8.2 Patch 22 allows users who do not have appropriate access rights to generate internal reports using a direct URL. |
| CVE-2022-47648 | Bosch | | 0.00 | — | 0.00 | | Feb 8, 2023 | An Improper Access Control vulnerability allows an attacker to access the control panel of the B420 without requiring any sort of authorization or authentication due to the IP-based authorization. If an authorized user has accessed a publicly available B420 product using valid… |
| CVE-2022-40183 | Bosch | | 0.00 | — | 0.00 | | Oct 27, 2022 | An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross-site scripting (XSS) in the web-based interface. An attacker with knowledge of the encoder address can send a crafted link to a user, which will execute JavaScript code in the context of the… |
| CVE-2022-40184 | Bosch | | 0.00 | — | 0.00 | | Oct 27, 2022 | Incomplete filtering of JavaScript code in different configuration fields of the web-based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same… |
| CVE-2022-32540 | Bosch | | 0.00 | — | 0.00 | | Sep 30, 2022 | Information Disclosure in the Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows a man-in-the-middle attacker to compromise a confidential video stream. This is only applicable for UDP encryption when the target system… |
| CVE-2022-36302 | Bosch | | 0.00 | — | 0.01 | | Aug 1, 2022 | File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources, which may contain sensitive information. |
| CVE-2022-36301 | Bosch | | 0.00 | — | 0.01 | | Aug 1, 2022 | BF-OS version 3.x up to and including 3.83 does not enforce strong passwords, which may allow a remote attacker to brute-force the device password. |
| CVE-2022-32536 | Bosch | | 0.00 | — | 0.01 | | Jun 22, 2022 | The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights. |
| CVE-2022-32534 | Bosch | | 0.00 | — | 0.02 | | Jun 22, 2022 | The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands. |
| CVE-2022-32535 | Bosch | | 0.00 | — | 0.01 | | Jun 22, 2022 | The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch. |
| CVE-2021-23843 | Bosch | | 0.00 | — | 0.00 | | Jan 19, 2022 | The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certain settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker can circumvent this… |
| CVE-2021-23842 | Bosch | | 0.00 | — | 0.00 | | Jan 19, 2022 | Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this… |
| CVE-2021-23862 | Bosch | | 0.00 | — | 0.01 | | Dec 8, 2021 | A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, and the VIDEOJET decoder (VJD-7513 and VJD-8000). |
| CVE-2021-23861 | Bosch | | 0.00 | — | 0.01 | | Dec 8, 2021 | By executing a special command, a user with administrative rights can get access to extended debug functionality on the VRM, allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM… |
| CVE-2021-23860 | Bosch | | 0.00 | — | 0.01 | | Dec 8, 2021 | An error in a page handler of the VRM may lead to a reflected cross-site scripting (XSS) in the web-based interface. To exploit this vulnerability an attacker must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with… |
| CVE-2021-23859 | Bosch | | 0.00 | — | 0.01 | | Dec 8, 2021 | An unauthenticated attacker is able to send a special HTTP request that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation, this crash also opens the possibility to send further unauthenticated commands to the service. On some products the… |
| CVE-2021-23846 | Bosch | | 0.00 | — | 0.01 | | Jun 18, 2021 | When using the HTTP protocol, the user password is transmitted as a clear-text parameter, which makes it possible for an attacker to obtain it through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021. |
| CVE-2021-23845 | Bosch | | 0.00 | — | 0.01 | | Jun 18, 2021 | This vulnerability could allow an attacker to hijack a session while a user is logged in to the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M and has been fixed… |
| CVE-2020-6790 | Bosch | | 0.00 | — | 0.00 | | Mar 25, 2021 | Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into… |
| CVE-2020-6789 | Bosch | | 0.00 | — | 0.00 | | Mar 25, 2021 | Loading a DLL through an Uncontrolled Search Path Element in the Bosch Monitor Wall installer up to and including version 10.00.0164 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a… |
| CVE-2020-6788 | Bosch | | 0.00 | — | 0.00 | | Mar 25, 2021 | Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a… |
| CVE-2020-6787 | Bosch | | 0.00 | — | 0.00 | | Mar 25, 2021 | Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Client installer up to and including version 1.7.6.079 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a… |
| CVE-2020-6786 | Bosch | | 0.00 | — | 0.00 | | Mar 25, 2021 | Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81, and 3.71 and older potentially allows an attacker to execute arbitrary code on… |
| CVE-2020-6785 | Bosch | | 0.00 | — | 0.00 | | Mar 25, 2021 | Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed… |
| CVE-2020-6771 | Bosch | | 0.00 | — | 0.00 | | Mar 25, 2021 | Loading a DLL through an Uncontrolled Search Path Element in Bosch IP Helper up to and including version 1.00.0008 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same… |
| CVE-2019-11684 | Bosch | | 0.00 | — | 0.01 | | Feb 26, 2021 | Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates stored in the underlying Microsoft Windows operating system. The fixed versions implement modified… |
| CVE-2020-6780 | Bosch | | 0.00 | — | 0.01 | | Jan 25, 2021 | Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their… |
| CVE-2020-6777 | Bosch | | 0.00 | — | 0.01 | | Jan 14, 2021 | A vulnerability in the web-based management interface of Bosch PRAESIDEO up to and including version 4.41 and Bosch PRAESENSA up to and including version 1.10 allows an authenticated remote attacker with admin privileges to mount a stored Cross-Site Scripting (XSS) attack… |
| CVE-2020-6776 | Bosch | | 0.00 | — | 0.01 | | Jan 14, 2021 | A vulnerability in the web-based management interface of Bosch PRAESIDEO up to and including version 4.41 and Bosch PRAESENSA up to and including version 1.10 allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (Cross-Site… |
Page 1 of 2