BOSCH-SA-992447-BT: A security vulnerability has been uncovered in the REST API of the Telex Remote Dispatch Console Server and the RTS VLink Virtual Matrix Software. The vulnerability will allow a Remote Code Execution (RCE) attack.  All versions < 1.3.0 of the Telex Remote Dispatch Console Server are affected by this vulnerability.  Versions v5 and v6 (< 6.6.0) of the RTS VLink Virtual Matrix Software are affected by this vulnerability. Older versions (v4 and lower) are not affected.  The vulnerability has been uncovered and disclosed responsibly by external researcher Omer Shaik. 


https://psirt.bosch.com/security-advisories/bosch-sa-992447-bt.html