BOSCH-SA-815013-BT: A path traversal vulnerability exists in the BVMS NoTouch deployment. If this vulnerability is exploited an unauthenticated attacker without local shell access to a BVMS Central Server system is able to fetch arbitrary data from the file system of the Central Server computer. Under specific circumstances an attack can ...
BOSCH-SA-260625-BT: A recently discovered security vulnerability affects the Bosch Video Streaming Gateway (VSG). The vulnerability is exploitable via the network interface. An unauthorized attacker can retrieve and set arbitrary configuration data of the VSG. Bosch rates this vulnerability with a CVSS v3.1 Base Score of 10.0 (Critical) and strongly recommends ...
BOSCH-SA-710832-BT: A recently discovered security vulnerability affects Access Professional Edition (APE) installations of versions 3.7 and downwards. The vulnerability enables unauthorized access to sensitive data of the APE system. In cases where a software update is not possible, a reduction in the system’s network exposure is advised. Internet-accessible installations should ...
BOSCH-SA-844044-BT: A recently discovered security vulnerability affects Access Professional Edition (APE) installations of versions 3.7 and downwards. The vulnerability enables unauthorized access to sensitive data of the APE system. In cases where a software update is not possible, a reduction in the system’s network exposure is advised. Internet-accessible installations should ...
BOSCH-SA-553243-BT: A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. Bosch relies on a Microsoft Windows operating system for several products. Consequently, some devices are affected ...
BOSCH-SA-562575: Recently discovered security vulnerabilities affect the ProSyst mBS SDK and Bosch IoT Gateway Software. They potentially allow to access sensitive information, write and delete data on the host system and forge HTTP GET request on behalf of the server via the network interface. Bosch rates these vulnerabilities with CVSSv3 ...