CVE-2020-6785

Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed application. This...

CVE-2020-6768

A path traversal vulnerability in the Bosch Video Management System BVMS NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 = 10.0.0.1225, 9.0 = 9.0.0.827, 8.0 = 8.0.329 and 7.5 and older. This affect...

Authentication flaw

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway VSG allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded...

CVE-2020-6769 Missing Authentication for Critical Function in Bosch Video Streaming Gateway

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway VSG allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded...

CVE-2019-6957

A recently discovered security vulnerability affects all Bosch Video Management System BVMS versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager VRM, Video Streaming Gateway VSG, Configuration Manager, Building Integration System BIS with Video Engine, Access...