Skip to main content
Bosch Security and Safety Systems I North America

Security Advisories

Below listed Security Advisories (SA) inform you about identified security vulnerabilities in our product or service and proposed solutions.

2021

Security
Advisory ID
Assigned CVE
IDs
Title CVSS* Score Affected
Bosch Products
Publication
Date
Last Update
Security
Advisory ID
Assigned CVE
IDs
CVE-2021-23849
Title
Cross Site Request Forgery (CSRF) vulnerability in Bosch IP cameras
CVSS* Score
7.5
Affected
Bosch Products
IP Cameras
Publication
Date
2021-08-04
Last Update
2021-10-07
Security
Advisory ID
Assigned CVE
IDs
CVE-2021-23847,
CVE-2021-23848,
CVE-2021-23852,
CVE-2021-23853,
CVE-2021-23854
Title
Multiple vulnerabilities in Bosch IP cameras
CVSS* Score
9.8
8.3
4.9
8.3
8.3
Affected
Bosch Products
IP Cameras
Publication
Date
2021-06-09
Last Update
2021-06-09
Security
Advisory ID
Assigned CVE
IDs
CVE-2021-23845,
CVE-2021-23846
Title
Several Vulnerabilities in Bosch B426, B426-CN/B429-CN, and B426-M
CVSS* Score
8.0
8.8
Affected
Bosch Products
Bosch B426, B426-CN/B429-CN, B426-M
Publication
Date
2021-05-28
Last Update
2021-05-28
Security
Advisory ID
Assigned CVE
IDs
CVE-2020-6785,
CVE-2020-6786,
CVE-2020-6787,
CVE-2020-6788,
CVE-2020-6789,
CVE-2020-6790,
CVE-2020-6771
Title
Software Vulnerabilities: Uncontrolled Search Path Element
CVSS* Score
7.8
Affected
Bosch Products
BVMS,
BVMS Viewer,
VRM Installer,
IP Helper,
Bosch Video Client Installer,
Bosch Configuration Manager Installer,
Bosch Monitor Wall Installer,
Bosch Video Streaming Gateway Installer,
DIVAR IP 7000 R2,
DIVAR IP all-in-one 5000,
DIVAR IP all-in-one 7000
Publication
Date
2021-03-24
Last Update
2021-03-30
Security
Advisory ID
Assigned CVE
IDs
CVE-2021-3011
Title
Side Channel Key Extraction IP Cameras and Encoders Vulnerability
CVSS* Score
4.2
Affected
Bosch Products
IP Cameras, Encoders
Publication
Date
2021-03-03
Last Update
2021-03-03
Security
Advisory ID
Assigned CVE
IDs
CVE-2020-6779,
CVE-2020-6780
Title
Two vulnerabilities in Bosch Fire Monitoring System (FSM)
CVSS* Score
10.0
4.4
Affected
Bosch Products
FSM
Publication
Date
2021-01-20
Last Update
2021-01-20
*CVSS - Common Vulnerability Scoring System

2020

Security
Advisory ID
Assigned CVE
IDs
Title CVSS* Score Affected
Bosch Products
Publication
Date
Last Update
Security
Advisory ID
Assigned CVE
IDs
CVE-2020-6776,
CVE-2020-6777,
CVE-2020-15688
Title
Vulnerabilities in Bosch PRAESIDEO and PRAESENSA
CVSS* Score
8.8
4.8
7.5
Affected
Bosch Products
PRAESIDEO
PRAESENSA
Publication
Date
2020-09-30
Last Update
2020-09-30
Security
Advisory ID
Assigned CVE
IDs
CVE-2017-0144,
CVE-2019-0708,
CVE-2020-6774
Title
Multiple Vulnerabilities in Bosch Recording Station (BRS)
CVSS* Score
8.1
9.8
9.3
Affected
Bosch Products
Bosch Recording Station (BRS)
Publication
Date
2020-05-27
Last Update
2020-05-27
Security
Advisory ID
Assigned CVE
IDs
CVE-2020-6767
Title
Path Traversal BVMS Vulnerability
CVSS* Score
7.7
Affected
Bosch Products
DIVAR IP 3000, DIVAR IP 7000, DIVAR IP all-in-one 5000, BVMS 10.0 and older, BVMS Viewer 10.0 and older
Publication
Date
2020-01-29
Last Update
2020-01-29
Security
Advisory ID
Assigned CVE
IDs
CVE-2020-6768
Title
NoTouch deployment service BVMS Vulnerability
CVSS* Score
8.6
Affected
Bosch Products
DIVAR IP 3000, DIVAR IP 7000, DIVAR IP all-in-one 5000, BVMS 10.0 and older, BVMS Viewer 10.0 and older
Publication
Date
2020-01-29
Last Update
2020-01-29
Security
Advisory ID
Assigned CVE
IDs
CVE-2020-6769
Title
Missing Authentication for Critical Function Video Streaming Gateway Vulnerability
CVSS* Score
10.0
Affected
Bosch Products
DIVAR IP 3000, DIVAR IP 7000, DIVAR IP all-in-one 5000, DIVAR IP 2000, DIVAR IP 5000, Bosch Video Streaming Gateway (VSG) 6.45 and older
Publication
Date
2020-01-29
Last Update
2020-01-29
Security
Advisory ID
Assigned CVE
IDs
CVE-2020-6770
Title
Deserialization of Untrusted Data - BVMS Mobile Video Service Vulnerability
CVSS* Score
10.0
Affected
Bosch Products
DIVAR IP 3000, DIVAR IP 7000, BVMS 10.0 and older
Publication
Date
2020-01-29
Last Update
2020-01-29
*CVSS - Common Vulnerability Scoring System

2019

Security
Advisory ID
Version Title CVSS* Score Affected
Bosch Products
Publication
Date
Last Update
Security
Advisory ID
Version
1.0
Title
Unauthorized access to sensitive data by reverse engineering one of the APE service tools
CVSS* Score
9.9
Affected
Bosch Products
Access Professional Edition (APE) 3.7 downwards
Publication
Date
2019-09-11
Last Update
2019-09-11
Security
Advisory ID
Version
1.0
Title
Unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation
CVSS* Score
8.8
Affected
Bosch Products
Access Professional Edition (APE) 3.7 downwards
Publication
Date
2019-09-11
Last Update
2019-09-11
Security
Advisory ID
Version
1.01
Title
Unauthenticated Certificate Access
CVSS* Score
9.9
Affected
Bosch Products
Video Recording Manager,
DIVAR IP 5000,
Bosch Video Management System
Publication
Date
2019-05-09
Last Update
2019-05-22
Security
Advisory ID
Version
1.00
Title
Software Buffer Overflow
CVSS* Score
9.8
Affected
Bosch Products
Bosch Video Management System,
DIVAR IP,
Video Recording Manager,
Video Streaming Gateway,
Configuration Manager,
Building Integration System with Video Engine,
Access Professional Edition,
Access Easy Controller,
Bosch Video Client,
Video SDK
Publication
Date
2019-04-03
Last Update
2019-04-03
Security
Advisory ID
Version
1.00
Title
Improper Access Control
CVSS* Score
9.8
Affected
Bosch Products
Bosch Video Management System,
DIVAR IP,
Configuration Manager,
Building Integration System with Video Engine,
Access Professional Edition,
Access Easy Controller,
Bosch Video Client,
Video SDK
Publication
Date
2019-04-03
Last Update
2019-04-03
Security
Advisory ID
Version
1.00
Title
Open Redirect
CVSS* Score
6.1
Affected
Bosch Products
Video Recording Manager
Publication
Date
2019-04-03
Last Update
2019-04-03
Security
Advisory ID
Version
1.00
Title
Path Traversal
CVSS* Score
4.9
Affected
Bosch Products
Video Recording Manager
Publication
Date
2019-04-03
Last Update
2019-04-03
Security
Advisory ID
Version
1.02
Title
Security Advisory Access Easy Controller 2.1
CVSS* Score
6.5
Affected
Bosch Products
Access Easy Controller 2.1
Publication
Date
2018-12-03
Last Update
2019‑02‑28
Security
Advisory ID
Version
1.1
Title
DIVAR 400 & 600 series Vulnerability
CVSS* Score
10
Affected
Bosch Products
DIVAR 400 & 600 series Vulnerability
Publication
Date
2019‑01‑09
Last Update
2019‑01‑18
*CVSS - Common Vulnerability Scoring System

2018

Security
Advisory ID
Version Title CVSS* Score Affected
Bosch Products
Publication
Date
Last Update
Security
Advisory ID
Version
1.04
Title
IP Camera Vulnerability
CVSS* Score
9.4
Affected
Bosch Products
Bosch IP Cameras
Publication
Date
2018‑12‑12
Last Update
2018‑12‑21
*CVSS - Common Vulnerability Scoring System