Bosch Security and Safety Systems Middle East

Security Advisories

Below listed Security Advisories (SA) inform you about identified security vulnerabilities in our product or service and proposed solutions. As we take your overall system security very seriously, we provide in addition Security Information (SI), covering potential effects caused by third-party vulnerabilities.

Type ID Version Title CVSS* Score Products Date Download
(Link to pdf)
Type
SA
ID
BOSCH-SA-710832-BT
CVE-2019-11898
Version
1.0
Title
Unauthorized access to sensitive data by reverse engineering one of the APE service tools
CVSS* Score
9.9
Products
Access Professional Edition (APE) 3.7 downwards
Date
2019-09-11
Download
(Link to pdf)
Type
SA
ID
BOSCH-SA-844044-BT
CVE-2019-11899
Version
1.0
Title
Unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation
CVSS* Score
8.8
Products
Access Professional Edition (APE) 3.7 downwards
Date
2019-09-11
Download
(Link to pdf)
Type
SI
ID
BOSCH-SI-2019-0903BT
CVE-2019-1181/1182
Version
1.0
Title
Windows Remote Desktop Services (RDP) Remote Code Execution
CVSS* Score
9.8
Products
DIVAR IP, HP Workstation, HP Server DL380, UGM 2040 plus, VIDEOJET
Date
2019-09-03
Download
(Link to pdf)
Type
SI
ID
BOSCH-SI-2019-0612BT 
CVE-2019-0708
Version
1.0
Title
Windows Remote Desktop Services (RDP) Remote Code Execution
CVSS* Score
9.8
Products
DIVAR IP, HP Workstation, HP Server DL380, VIDEOJET
Date
2019-06-12
Download
(Link to pdf)
Type
SA
ID
BOSCH-SA-804652-BT
CVE-2019-11684
Version
1.01
Title
Unauthenticated Certificate Access
CVSS* Score
9.9
Products
Video Recording Manager,
DIVAR IP 5000,
Bosch Video Management System
Date
2019-05-22
Download
(Link to pdf)
Type
SA
ID
BOSCH-2019-0403BT
CVE-2019-6957
Version
1.00
Title
Software Buffer Overflow
CVSS* Score
9.8
Products
Bosch Video Management System,
DIVAR IP,
Video Recording Manager,
Video Streaming Gateway,
Configuration Manager,
Building Integration System with Video Engine,
Access Professional Edition,
Access Easy Controller,
Bosch Video Client,
Video SDK
Date
2019-04-03
Download
(Link to pdf)
Type
SA
ID
BOSCH-2019-0404BT
CVE-2019-6958
Version
1.00
Title
Improper Access Control
CVSS* Score
9.8
Products
Bosch Video Management System,
DIVAR IP,
Configuration Manager,
Building Integration System with Video Engine,
Access Professional Edition,
Access Easy Controller,
Bosch Video Client,
Video SDK
Date
2019-04-03
Download
(Link to pdf)
Type
SA
ID
BOSCH-2019-0401BT
CVE-2019-8951
Version
1.00
Title
Open Redirect
CVSS* Score
6.1
Products
Video Recording Manager
Date
2019-04-03
Download
(Link to pdf)
Type
SA
ID
BOSCH-2019-0402BT
CVE-2019-8952
Version
1.00
Title
Path Traversal
CVSS* Score
4.9
Products
Video Recording Manager
Date
2019-04-03
Download
(Link to pdf)
Type
SA
ID
BOSCH‑2018‑1201
Version
1.02
Title
Security Advisory Access Easy Controller 2.1
CVSS* Score
6.5
Products
Access Easy Controller 2.1
Date
2019‑02‑28
Download
(Link to pdf)
Type
SA
ID
BOSCH‑2019‑0101‑BT
Version
1.1
Title
DIVAR 400 & 600 series Vulnerability
CVSS* Score
10
Products
DIVAR 400 & 600 series Vulnerability
Date
2019‑01‑09
Download
(Link to pdf)
Type
SA
ID
CVE-2018-19036
BOSCH‑2018‑1202‑BT
Version
1.04
Title
IP Camera Vulnerability
CVSS* Score
9.4
Products
Bosch IP Cameras
Date
2018‑12‑12
Download
(Link to pdf)
*CVSS - Common Vulnerability Scoring System