Security Advisories
Below listed Security Advisories (SA) inform you about identified security vulnerabilities in our product or service and proposed solutions.
2021
| ID | Assigned CVE IDs | Title | CVSS* Score | Products | Date | Download |
|---|---|---|---|---|---|---|
| ID BOSCH-SA-762869-BT | Assigned CVE IDs CVE-2021-3011 | Title Side Channel Key Extraction IP Cameras and Encoders Vulnerability | CVSS* Score 4.2 | Products IP Cameras, Encoders | Date 2021-03-03 | Download |
| ID BOSCH-SA- 332072 -BT | Assigned CVE IDs CVE-2020-6779, CVE-2020-6780 | Title Two vulnerabilities in Bosch Fire Monitoring System (FSM) | CVSS* Score 10.0 4.4 | Products FSM | Date 2021-01-20 | Download |
2020
| ID | Assigned CVE IDs | Title | CVSS* Score | Products | Date | Download |
|---|---|---|---|---|---|---|
| ID BOSCH-SA-538331-BT | Assigned CVE IDs CVE-2020-6776, CVE-2020-6777, CVE-2020-15688 | Title Vulnerabilities in Bosch PRAESIDEO and PRAESENSA | CVSS* Score 8.8 4.8 7.5 | Products PRAESIDEO PRAESENSA | Date 2020-09-30 | Download |
| ID BOSCH-SA-363824-BT | Assigned CVE IDs CVE-2017-0144, CVE-2019-0708, CVE-2020-6774 | Title Multiple Vulnerabilities in Bosch Recording Station (BRS) | CVSS* Score 8.1 9.8 9.3 | Products Bosch Recording Station (BRS) | Date 2020-05-27 | Download |
| ID BOSCH-SA-381489-BT | Assigned CVE IDs CVE-2020-6767 | Title Path Traversal BVMS Vulnerability | CVSS* Score 7.7 | Products DIVAR IP 3000, DIVAR IP 7000, DIVAR IP all-in-one 5000, BVMS 10.0 and older, BVMS Viewer 10.0 and older | Date 2020-01-29 | Download |
| ID BOSCH-SA-815013-BT | Assigned CVE IDs CVE-2020-6768 | Title NoTouch deployment service BVMS Vulnerability | CVSS* Score 8.6 | Products DIVAR IP 3000, DIVAR IP 7000, DIVAR IP all-in-one 5000, BVMS 10.0 and older, BVMS Viewer 10.0 and older | Date 2020-01-29 | Download |
| ID BOSCH-SA-260625-BT | Assigned CVE IDs CVE-2020-6769 | Title Missing Authentication for Critical Function Video Streaming Gateway Vulnerability | CVSS* Score 10.0 | Products DIVAR IP 3000, DIVAR IP 7000, DIVAR IP all-in-one 5000, DIVAR IP 2000, DIVAR IP 5000, Bosch Video Streaming Gateway (VSG) 6.45 and older | Date 2020-01-29 | Download |
| ID BOSCH-SA-885551-BT | Assigned CVE IDs CVE-2020-6770 | Title Deserialization of Untrusted Data - BVMS Mobile Video Service Vulnerability | CVSS* Score 10.0 | Products DIVAR IP 3000, DIVAR IP 7000, BVMS 10.0 and older | Date 2020-01-29 | Download |
2019
| ID | Version | Title | CVSS* Score | Products | Date | Download |
|---|---|---|---|---|---|---|
| ID BOSCH-SA-710832-BT CVE-2019-11898 | Version 1.0 | Title Unauthorized access to sensitive data by reverse engineering one of the APE service tools | CVSS* Score 9.9 | Products Access Professional Edition (APE) 3.7 downwards | Date 2019-09-11 | Download |
| ID BOSCH-SA-844044-BT CVE-2019-11899 | Version 1.0 | Title Unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation | CVSS* Score 8.8 | Products Access Professional Edition (APE) 3.7 downwards | Date 2019-09-11 | Download |
| ID BOSCH-SA-804652-BT CVE-2019-11684 | Version 1.01 | Title Unauthenticated Certificate Access | CVSS* Score 9.9 | Products Video Recording Manager, DIVAR IP 5000, Bosch Video Management System | Date 2019-05-22 | Download |
| ID BOSCH-2019-0403BT CVE-2019-6957 | Version 1.00 | Title Software Buffer Overflow | CVSS* Score 9.8 | Products Bosch Video Management System, DIVAR IP, Video Recording Manager, Video Streaming Gateway, Configuration Manager, Building Integration System with Video Engine, Access Professional Edition, Access Easy Controller, Bosch Video Client, Video SDK | Date 2019-04-03 | Download |
| ID BOSCH-2019-0404BT CVE-2019-6958 | Version 1.00 | Title Improper Access Control | CVSS* Score 9.8 | Products Bosch Video Management System, DIVAR IP, Configuration Manager, Building Integration System with Video Engine, Access Professional Edition, Access Easy Controller, Bosch Video Client, Video SDK | Date 2019-04-03 | Download |
| ID BOSCH-2019-0401BT CVE-2019-8951 | Version 1.00 | Title Open Redirect | CVSS* Score 6.1 | Products Video Recording Manager | Date 2019-04-03 | Download |
| ID BOSCH-2019-0402BT CVE-2019-8952 | Version 1.00 | Title Path Traversal | CVSS* Score 4.9 | Products Video Recording Manager | Date 2019-04-03 | Download |
| ID BOSCH‑2018‑1201 | Version 1.02 | Title Security Advisory Access Easy Controller 2.1 | CVSS* Score 6.5 | Products Access Easy Controller 2.1 | Date 2019‑02‑28 | Download |
| ID BOSCH‑2019‑0101‑BT | Version 1.1 | Title DIVAR 400 & 600 series Vulnerability | CVSS* Score 10 | Products DIVAR 400 & 600 series Vulnerability | Date 2019‑01‑09 | Download |
2018
| ID | Version | Title | CVSS* Score | Products | Date | Download |
|---|---|---|---|---|---|---|
| ID CVE-2018-19036 BOSCH‑2018‑1202‑BT | Version 1.04 | Title IP Camera Vulnerability | CVSS* Score 9.4 | Products Bosch IP Cameras | Date 2018‑12‑12 | Download |