Design/Logic Flaw

2023-06-1511:15:00

PRIOn knowledge base

www.prio-n.com

bosch ip cameras

design flaw

secure element chip

video stream security

md5

sha-1

sha-256

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.7%

JSON

Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signing of the video stream) with option MD5, SHA-1 or SHA-256.

CPENameOperatorVersion
cpp13_firmwarelt8.48.0017
cpp14_firmwarege8.50
cpp14_firmwarelt8.80.0090

Name	Operator	Version
cpp13_firmware	lt	8.48.0017
cpp14_firmware	ge	8.50
cpp14_firmware	lt	8.80.0090

References

psirt.bosch.com/security-advisories/BOSCH-SA-435698-BT.html