Security Advisories

BOSCH-SA-835563-BT

CVE-2020-6785,
CVE-2020-6786,
CVE-2020-6787,
CVE-2020-6788,
CVE-2020-6789,
CVE-2020-6790,
CVE-2020-6771

Software Vulnerabilities: Uncontrolled Search Path Element

7.8

BVMS,
BVMS Viewer,
VRM Installer,
IP Helper,
Bosch Video Client Installer,
Bosch Configuration Manager Installer,
Bosch Monitor Wall Installer,
Bosch Video Streaming Gateway Installer,
DIVAR IP 7000 R2,
DIVAR IP all-in-one 5000,
DIVAR IP all-in-one 7000

2021-03-24

2021-03-30

BOSCH-SA-762869-BT

CVE-2021-3011

Side Channel Key Extraction IP Cameras and Encoders Vulnerability

4.2

IP Cameras, Encoders

2021-03-03

2021-03-03

BOSCH-SA- 332072 -BT

CVE-2020-6779,
CVE-2020-6780

Two vulnerabilities in Bosch Fire Monitoring System (FSM)

10.0
4.4

FSM

2021-01-20

2021-01-20

BOSCH-SA-538331-BT

CVE-2020-6776,
CVE-2020-6777,
CVE-2020-15688

Vulnerabilities in Bosch PRAESIDEO and PRAESENSA

8.8
4.8
7.5

PRAESIDEO
PRAESENSA

2020-09-30

2020-09-30

BOSCH-SA-363824-BT

CVE-2017-0144,
CVE-2019-0708,
CVE-2020-6774

Multiple Vulnerabilities in Bosch Recording Station (BRS)

8.1
9.8
9.3

Bosch Recording Station (BRS)

2020-05-27

2020-05-27

BOSCH-SA-381489-BT

CVE-2020-6767

Path Traversal BVMS Vulnerability

7.7

DIVAR IP 3000, DIVAR IP 7000, DIVAR IP all-in-one 5000, BVMS 10.0 and older, BVMS Viewer 10.0 and older

2020-01-29

2020-01-29

BOSCH-SA-815013-BT

CVE-2020-6768

NoTouch deployment service BVMS Vulnerability

8.6

DIVAR IP 3000, DIVAR IP 7000, DIVAR IP all-in-one 5000, BVMS 10.0 and older, BVMS Viewer 10.0 and older

2020-01-29

2020-01-29

BOSCH-SA-260625-BT

CVE-2020-6769

Missing Authentication for Critical Function Video Streaming Gateway Vulnerability

10.0

DIVAR IP 3000, DIVAR IP 7000, DIVAR IP all-in-one 5000, DIVAR IP 2000, DIVAR IP 5000, Bosch Video Streaming Gateway (VSG) 6.45 and older

2020-01-29

2020-01-29

BOSCH-SA-885551-BT

CVE-2020-6770

Deserialization of Untrusted Data - BVMS Mobile Video Service Vulnerability

10.0

DIVAR IP 3000, DIVAR IP 7000, BVMS 10.0 and older

2020-01-29

2020-01-29

BOSCH-SA-710832-BT CVE-2019-11898

1.0

Unauthorized access to sensitive data by reverse engineering one of the APE service tools

9.9

Access Professional Edition (APE) 3.7 downwards

2019-09-11

2019-09-11

BOSCH-SA-844044-BT CVE-2019-11899

1.0

Unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation

8.8

Access Professional Edition (APE) 3.7 downwards

2019-09-11

2019-09-11

BOSCH-SA-804652-BT CVE-2019-11684

1.01

Unauthenticated Certificate Access

9.9

Video Recording Manager,
DIVAR IP 5000,
Bosch Video Management System

2019-05-09

2019-05-22

BOSCH-2019-0403BT CVE-2019-6957

1.00

Software Buffer Overflow

9.8

Bosch Video Management System,
DIVAR IP,
Video Recording Manager,
Video Streaming Gateway,
Configuration Manager,
Building Integration System with Video Engine,
Access Professional Edition,
Access Easy Controller,
Bosch Video Client,
Video SDK

2019-04-03

2019-04-03

BOSCH-2019-0404BT CVE-2019-6958

1.00

Improper Access Control

9.8

Bosch Video Management System,
DIVAR IP,
Configuration Manager,
Building Integration System with Video Engine,
Access Professional Edition,
Access Easy Controller,
Bosch Video Client,
Video SDK

2019-04-03

2019-04-03

BOSCH-2019-0401BT CVE-2019-8951

1.00

Open Redirect

6.1

Video Recording Manager

2019-04-03

2019-04-03

BOSCH-2019-0402BT CVE-2019-8952

1.00

Path Traversal

4.9

Video Recording Manager

2019-04-03

2019-04-03

BOSCH‑2018‑1201

1.02

Security Advisory Access Easy Controller 2.1

6.5

Access Easy Controller 2.1

2018-12-03

2019‑02‑28

BOSCH‑2019‑ 0101‑BT

1.1

DIVAR 400 & 600 series Vulnerability

10

DIVAR 400 & 600 series Vulnerability

2019‑01‑09

2019‑01‑18

CVE-2018-19036 BOSCH‑2018 ‑1202‑BT

1.04

IP Camera Vulnerability

9.4

Bosch IP Cameras

2018‑12‑12

2018‑12‑21