Security Advisories

2023

Security Advisory ID	Assigned CVE IDs	CVSS* Score	Affected Bosch Products	Title	Publication Date	Last Update
Security Advisory ID BOSCH-SA-893251-BT	Assigned CVE IDs CVE-2023-34999	CVSS* Score 8.4	Affected Bosch Products RTS VLink Virtual Matrix Software	Title Remote Code Execution in RTS VLink Virtual Matrix	Publication Date 2023-08-30	Last Update 2023-08-30
Security Advisory ID BOSCH-SA-247054-BT	Assigned CVE IDs Multiple CVEs in 3rd party components (see Advisory)	CVSS* Score 9.8	Affected Bosch Products Bosch PRA-ES8P2S	Title Multiple Vulnerabilities PRA-ES8P2S Ethernet-Switch	Publication Date 2023-07-26	Last Update 2023-07-26
Security Advisory ID BOSCH-SA-988400-BT	Assigned CVE IDs CVE-2023-29241	CVSS* Score 8.1	Affected Bosch Products Bosch BIS	Title Update in Cybersecurity Guidebook of BIS on Permission Settings for Network Share	Publication Date 2023-06-28	Last Update 2023-06-28
Security Advisory ID BOSCH-SA-839739-BT	Assigned CVE IDs CVE-2022-41677	CVSS* Score 5.3	Affected Bosch Products Bosch Camera Firmware	Title Information Disclosure Vulnerability in Bosch IP cameras	Publication Date 2023-06-28	Last Update 2023-07-31
Security Advisory ID BOSCH-SA-435698-BT	Assigned CVE IDs CVE-2023-32229	CVSS* Score 4.9	Affected Bosch Products Bosch Camera Firmware	Title Possible damage of secure element in Bosch IP cameras	Publication Date 2023-05-31	Last Update 2023-05-31
Security Advisory ID BOSCH-SA-110112-BT	Assigned CVE IDs CVE-2021-26701	CVSS* Score 9.8	Affected Bosch Products Bosch AMS Bosch BIS Bosch BVMS Bosch BVMS Viewer Bosch Bosch DIVAR IP 7000 R2 Bosch Bosch DIVAR IP all-in-one 5000 Bosch Bosch DIVAR IP all-in-one 7000 Bosch Bosch DIVAR IP all-in-one 7000 R3 Bosch DIVAR IP all-in-one 4000 Bosch DIVAR IP all-in-one 6000	Title .NET Remote Code Execution Vulnerability in BVMS, BIS and AMS	Publication Date 2023-05-24	Last Update 2023-05-24
Security Advisory ID BOSCH-SA-391095	Assigned CVE IDs CVE-2023-32228	CVSS* Score 4.6	Affected Bosch Products Bosch AMS Bosch BIS	Title Vulnerability in Wiegand card data interpretation	Publication Date 2023-05-24	Last Update 2023-05-24
Security Advisory ID BOSCH-SA-025794-BT	Assigned CVE IDs CVE-2023-28175	CVSS* Score 7.1	Affected Bosch Products Bosch BVMS Bosch BVMS Viewer Bosch Bosch DIVAR IP 3000 Bosch Bosch DIVAR IP 7000 R1 Bosch Bosch DIVAR IP 7000 R2 Bosch Bosch DIVAR IP all-in-one 5000 Bosch Bosch DIVAR IP all-in-one 7000 Bosch Bosch DIVAR IP all-in-one 7000 R3 Bosch DIVAR IP all-in-one 4000 Bosch DIVAR IP all-in-one 6000	Title Unrestricted SSH port forwarding in BVMS	Publication Date 2023-05-24	Last Update 2023-05-24
Security Advisory ID BOSCH-SA-341298-BT	Assigned CVE IDs CVE-2022-47648	CVSS* Score 7.6	Affected Bosch Products Bosch B420	Title Insecure authentication in B420 legacy communication module	Publication Date 2023-04-26	Last Update 2023-04-26

*CVSS - Common Vulnerability Scoring System

2022

Security Advisory ID	Assigned CVE IDs	CVSS* Score	Affected Bosch Products	Title	Publication Date	Last Update
Security Advisory ID BOSCH-SA-247053-BT	Assigned CVE IDs Multiple CVEs in 3rd party components (see Advisory)	CVSS* Score 9.8	Affected Bosch Products Bosch PRA-ES8P2S	Title Multiple Vulnerabilities PRA-ES8P2S Ethernet-Switch	Publication Date 2022-11-23	Last Update 2023-06-28
Security Advisory ID BOSCH-SA-454166-BT	Assigned CVE IDs CVE-2022-40183 CVE-2022-40184	CVSS* Score 5.8	Affected Bosch Products Bosch VIDEOJET multi 4000	Title Multiple Cross Site Scripting vulnerabilities in Bosch VIDEOJET multi 4000	Publication Date 2022-10-19	Last Update 2023-01-18
Security Advisory ID BOSCH-SA-609377-BT	Assigned CVE IDs Multiple CVEs in 3rd party components (see Advisory)	CVSS* Score 9.8	Affected Bosch Products Bosch DSA E2800 Base units Bosch DSA E2800 Dual Controllers	Title Multiple Vulnerabilities in NetApp DSA E2800 series	Publication Date 2022-10-19	Last Update 2022-12-07
Security Advisory ID BOSCH-SA-464066-BT	Assigned CVE IDs CVE-2022-32540	CVSS* Score 7.4	Affected Bosch Products Bosch BVMS Bosch VJD-7513	Title Information Disclosure in VIDEOJET Decoder and Operator Client application in BVMS	Publication Date 2022-09-21	Last Update 2022-09-21
Security Advisory ID BOSCH-SA-013924-BT	Assigned CVE IDs CVE-2022-36301 CVE-2022-36302	CVSS* Score 9.8	Affected Bosch Products Bosch BF-OS	Title Multiple Vulnerabilities in BF-OS	Publication Date 2022-08-01	Last Update 2022-11-03
Security Advisory ID BOSCH-SA-247052-BT	Assigned CVE IDs CVE-2022-32534 CVE-2022-32535 CVE-2022-32536 Multiple CVEs in 3rd party components	CVSS* Score 9.8	Affected Bosch Products Bosch PRA-ES8P2S	Title Multiple Vulnerabilities PRA-ES8P2S Ethernet-Switch BOSCH-SA-247052-BT	Publication Date 2022-06-22	Last Update 2023-02-08
Security Advisory ID BOSCH-SA-309239-BT	Assigned CVE IDs CVE-2022-22965	CVSS* Score 9.8	Affected Bosch Products Bosch MATRIX	Title Improper Control of Generation of Code in Bosch MATRIX	Publication Date 2022-04-27	Last Update 2022-04-27
Security Advisory ID BOSCH-SA-446276-BT	Assigned CVE IDs CVE-2021-23850 CVE-2021-23851	CVSS* Score 6.8	Affected Bosch Products Bosch CPP Firmware	Title Buffer Overflow Vulnerability in Recovery Image	Publication Date 2022-03-30	Last Update 2022-09-07
Security Advisory ID BOSCH-SA-479793-BT	Assigned CVE IDs CVE-2018-1285	CVSS* Score 9.8	Affected Bosch Products Bosch FSM-10000 Client Bosch FSM-10000 Server Bosch FSM-10k Client Bosch FSM-10k Server Bosch FSM-2500 Client Bosch FSM-2500 Server Bosch FSM-5000 Client Bosch FSM-5000 Server	Title Bosch Fire Monitoring System (FSM) affected by log4net Vulnerability	Publication Date 2022-03-23	Last Update 2022-03-23
Security Advisory ID BOSCH-SA-506619-BT	Assigned CVE IDs CVE-2018-1285	CVSS* Score 9.8	Affected Bosch Products Bosch BVMS Bosch DIVAR IP 7000 R2 Bosch DIVAR IP all-in-one 5000 Bosch DIVAR IP all-in-one 7000	Title Improper Restriction of XML External Entity Reference in BVMS	Publication Date 2022-03-16	Last Update 2022-03-16
Security Advisory ID BOSCH-SA-844050-BT	Assigned CVE IDs CVE-2021-23863	CVSS* Score 6.1	Affected Bosch Products Bosch Video Security Android Application	Title Injection of arbitrary HTML code in Bosch Video Security Android App	Publication Date 2022-01-26	Last Update 2022-09-07
Security Advisory ID BOSCH-SA-940448-BT	Assigned CVE IDs CVE-2021-23842 CVE-2021-23843	CVSS* Score 8.8	Affected Bosch Products Bosch AMC2 Bosch AMS Bosch APE Bosch BIS	Title Multiple vulnerabilities in Bosch AMC2 (Access Modular Controller)	Publication Date 2022-01-19	Last Update 2022-01-28

*CVSS - Common Vulnerability Scoring System

2021

Security Advisory ID	Assigned CVE IDs	CVSS* Score	Affected Bosch Products	Title	Publication Date	Last Update
Security Advisory ID BOSCH-SA-993110-BT	Assigned CVE IDs CVE-2021-44228 CVE-2021-45046 CVE-2021-45105	CVSS* Score 10.0	Affected Bosch Products Bosch PRA-APAS	Title Log4j Vulnerabilities - Impact on PRAESENSA Advanced Public Address Server (PRA-APAS)	Publication Date 2021-12-22	Last Update 2021-12-22
Security Advisory ID BOSCH-SA-043434-BT	Assigned CVE IDs CVE-2021-23859 CVE-2021-23860 CVE-2021-23861 CVE-2021-23862	CVSS* Score 9.1	Affected Bosch Products Bosch AEC Bosch APE Bosch BIS Bosch BVMS Bosch DIVAR IP 7000 R2 Bosch DIVAR IP all-in-one 5000 Bosch DIVAR IP all-in-one 7000 Bosch VJD-7513 Bosch VJD-8000 Bosch VRM Bosch VRM Exporter	Title Multiple Vulnerabilities in Bosch BT software products	Publication Date 2021-12-08	Last Update 2021-12-08
Security Advisory ID BOSCH-SA-033305-BT	Assigned CVE IDs CVE-2021-23849	CVSS* Score 7.5	Affected Bosch Products Bosch CPP Firmware	Title Cross Site Request Forgery (CSRF) vulnerability in Bosch IP cameras	Publication Date 2021-08-04	Last Update 2021-10-07
Security Advisory ID BOSCH-SA-478243-BT	Assigned CVE IDs CVE-2021-23847 CVE-2021-23848 CVE-2021-23852 CVE-2021-23853 CVE-2021-23854	CVSS* Score 9.8	Affected Bosch Products Bosch CPP Firmware	Title Multiple vulnerabilities in Bosch IP cameras	Publication Date 2021-06-09	Last Update 2021-06-09
Security Advisory ID BOSCH-SA-196933-BT	Assigned CVE IDs CVE-2021-23845 CVE-2021-23846	CVSS* Score 8.8	Affected Bosch Products Bosch B426 Firmware Bosch B426-CN/B429- CN Firmware Bosch B426-M Firmware Bosch B426 Firmware	Title Several Vulnerabilities in Bosch B426, B426-CN/B429-CN, and B426-M	Publication Date 2021-05-28	Last Update 2023-02-03
Security Advisory ID BOSCH-SA-835563-BT	Assigned CVE IDs CVE-2020-6785 CVE-2020-6786 CVE-2020-6787 CVE-2020-6788 CVE-2020-6789 CVE-2020-6790 CVE-2020-6771	CVSS* Score 7.8	Affected Bosch Products Bosch BVMS Bosch BVMS Viewer Bosch Configuration Manager Bosch DIVAR IP 7000 R2 DIVAR IP all-in-one 5000 DIVAR IP all-in-one 7000 Bosch IP Helper Bosch Monitor Wall Bosch Video Client Bosch Video Recording Manager Bosch Video Streaming Gateway	Title Software Vulnerabilities: Uncontrolled Search Path Element	Publication Date 2021-03-24	Last Update 2021-03-30
Security Advisory ID BOSCH-SA-762869-BT	Assigned CVE IDs CVE-2021-3011	CVSS* Score 4.2	Affected Bosch Products Bosch cameras and encoders built on platforms CPP-ENC, CPP3, CPP4, CPP5, CPP6, CPP7 and CPP7.3	Title Side Channel Key Extraction IP Cameras and Encoders Vulnerability	Publication Date 2021-03-03	Last Update 2021-03-03
Security Advisory ID BOSCH-SA- 332072 -BT	Assigned CVE IDs CVE-2020-6779 CVE-2020-6780	CVSS* Score 10.0	Affected Bosch Products Bosch FSM-2500 Bosch FSM-5000	Title Two vulnerabilities in Bosch Fire Monitoring System (FSM)	Publication Date 2021-01-20	Last Update 2021-01-20

*CVSS - Common Vulnerability Scoring System

2020

Security Advisory ID	Assigned CVE IDs	CVSS* Score	Affected Bosch Products	Title	Publication Date	Last Update
Security Advisory ID BOSCH-SA-538331-BT	Assigned CVE IDs CVE-2020-6776 CVE-2020-6777 CVE-2020-15688	CVSS* Score 8.8	Affected Bosch Products Bosch PRAESENSA Bosch PRAESIDEO	Title Vulnerabilities in Bosch PRAESIDEO and PRAESENSA	Publication Date 2020-09-30	Last Update 2020-09-30
Security Advisory ID BOSCH-SA-363824-BT	Assigned CVE IDs CVE-2017-0144 CVE-2019-0708 CVE-2020-6774	CVSS* Score 9.8	Affected Bosch Products Bosch Recording Station	Title Multiple Vulnerabilities in Bosch Recording Station (BRS)	Publication Date 2020-05-27	Last Update 2020-05-27
Security Advisory ID BOSCH-SA-381489-BT	Assigned CVE IDs CVE-2020-6767	CVSS* Score 7.7	Affected Bosch Products Bosch Video Management System (BVMS) Bosch BVMS Viewer Bosch DIVAR IP 3000 Bosch DIVAR IP 7000 Bosch DIVAR IP all-in-one 5000	Title Path Traversal BVMS Vulnerability	Publication Date 2020-01-29	Last Update 2020-01-29
Security Advisory ID BOSCH-SA-815013-BT	Assigned CVE IDs CVE-2020-6768	CVSS* Score 8.6	Affected Bosch Products Bosch Video Management System (BVMS) Bosch BVMS Viewer Bosch DIVAR IP 3000 Bosch DIVAR IP 7000 Bosch DIVAR IP all-in-one 5000	Title NoTouch deployment service BVMS Vulnerability	Publication Date 2020-01-29	Last Update 2020-01-29
Security Advisory ID BOSCH-SA-260625-BT	Assigned CVE IDs CVE-2020-6769	CVSS* Score 10.0	Affected Bosch Products Bosch Video Streaming Gateway Bosch DIVAR IP 3000 Bosch DIVAR IP 7000 Bosch DIVAR IP all-in-one 5000 Bosch DIVAR IP 2000 Bosch DIVAR IP 5000	Title Missing Authentication for Critical Function Video Streaming Gateway Vulnerability	Publication Date 2020-01-29	Last Update 2020-01-29
Security Advisory ID BOSCH-SA-885551-BT	Assigned CVE IDs CVE-2020-6770	CVSS* Score 10.0	Affected Bosch Products Bosch BVMS Mobile Video Service Bosch DIVAR IP 3000 Bosch DIVAR IP 7000	Title Deserialization of Untrusted Data - BVMS Mobile Video Service Vulnerability	Publication Date 2020-01-29	Last Update 2020-01-29

*CVSS - Common Vulnerability Scoring System

2019

Security Advisory ID	Assigned CVE IDs	CVSS* Score	Affected Bosch Products	Title	Publication Date	Last Update
Security Advisory ID BOSCH-SA-710832-BT	Assigned CVE IDs CVE-2019-11898	CVSS* Score 9.9	Affected Bosch Products Bosch Access Professional Edition	Title Hard-coded Credentials in Access Professional Edition 3.7 downwards	Publication Date 2019-09-11	Last Update 2019-09-11
Security Advisory ID BOSCH-SA-844044-BT	Assigned CVE IDs CVE-2019-11899	CVSS* Score 8.8	Affected Bosch Products Bosch Access Professional Edition	Title Improper Access Control in Access Professional Edition 3.7 downwards	Publication Date 2019-09-11	Last Update 2019-09-11
Security Advisory ID BOSCH-SA-553243-BT	Assigned CVE IDs CVE-2019-1181 CVE-2019-1182	CVSS* Score 9.8	Affected Bosch Products Bosch DIVAR IP 2000 Bosch DIVAR IP 3000 Bosch DIVAR IP 5000 Bosch DIVAR IP 6000 Bosch DIVAR IP 7000 Bosch DIVAR IP all-in-one 5000 Bosch HP Server DL380 Bosch HP Workstation Bosch UGM 2040 plus Bosch VIDEOJET decoder 7000 Bosch VIDEOJET decoder 8000	Title Vulnerability for Windows Remote Desktop Services (RDP) Remote Code Execution	Publication Date 2019-09-03	Last Update 2019-09-03
Security Advisory ID BOSCH-SA-425803-BT	Assigned CVE IDs CVE-2019-0708	CVSS* Score 9.8	Affected Bosch Products Bosch DIVAR IP 2000 Bosch DIVAR IP 3000 Bosch DIVAR IP 6000 Bosch DIVAR IP 7000 Bosch HP Workstation Bosch HP Server DL 380 Bosch VIDEOJET decoder 7000 Bosch VIDEOJET decoder 8000	Title Vulnerability for Windows Remote Desktop Services (RDP) Remote Code Execution	Publication Date 2019-06-12	Last Update 2019-06-12
Security Advisory ID BOSCH-SA-804652-BT	Assigned CVE IDs CVE-2019-11684	CVSS* Score 9.9	Affected Bosch Products Bosch Video Recording Manager	Title Unauthenticated Certificate Access in Video Recording Manager	Publication Date 2019-05-09	Last Update 2022-02-09
Security Advisory ID BOSCH-2019-0403-BT	Assigned CVE IDs CVE-2019-6957	CVSS* Score 9.8	Affected Bosch Products Bosch Video Management System, DIVAR IP, Video Recording Manager, Video Streaming Gateway, Configuration Manager, Building Integration System with Video Engine, Access Professional Edition, Access Easy Controller, Bosch Video Client, Video SDK	Title Software Buffer Overflow	Publication Date 2019-04-03	Last Update 2019-04-03
Security Advisory ID BOSCH-2019-0404-BT	Assigned CVE IDs CVE-2019-6958	CVSS* Score 9.8	Affected Bosch Products Bosch Video Management System, DIVAR IP, Configuration Manager, Building Integration System with Video Engine, Access Professional Edition, Access Easy Controller, Bosch Video Client, Video SDK	Title Improper Access Control	Publication Date 2019-04-03	Last Update 2019-04-03
Security Advisory ID BOSCH-2019-0401-BT	Assigned CVE IDs CVE-2019-8951	CVSS* Score 6.1	Affected Bosch Products Video Recording Manager	Title Open Redirect	Publication Date 2019-04-03	Last Update 2019-04-03
Security Advisory ID BOSCH-2019-0402-BT	Assigned CVE IDs CVE-2019-8952	CVSS* Score 4.9	Affected Bosch Products Video Recording Manager	Title Path Traversal	Publication Date 2019-04-03	Last Update 2019-04-03
Security Advisory ID BOSCH‑2019‑0101‑BT	Assigned CVE IDs	CVSS* Score 10	Affected Bosch Products Bosch digital recorder DVR 400 & 600 series	Title DIVAR 400 & 600 series Vulnerability	Publication Date 2019‑01‑09	Last Update 2019‑01‑18

*CVSS - Common Vulnerability Scoring System

2018

Security Advisory ID	Assigned CVE IDs	CVSS* Score	Affected Bosch Products	Title	Publication Date	Last Update
Security Advisory ID BOSCH‑2018 ‑1202‑BT	Assigned CVE IDs CVE-2018-19036	CVSS* Score 9.4	Affected Bosch Products AUTODOME IP AVIOTEC IP DINION HD DINION IP EXTEGRA IP FLEXIDOME HD Vandal-proof FLEXIDOME HD FLEXIDOME IP IP bullet IP micro MIC IP TINYON IP	Title Bosch IP Camera Vulnerability	Publication Date 2018‑12‑12	Last Update 2022-02-10

*CVSS - Common Vulnerability Scoring System

Atom / RSS Feeds

Subscribe to our feed(s) to be notified about new Security Advisories.

Bosch Building Technologies