Bosch Security Systems IP Cameras NXP Chip Side-Channel Key Extraction (CVE-2021-3011)

Several Bosch IP cameras are built on a hardware platform that uses an NXP SmartMX/P5x secure element affected by an electromagnetic-wave side-channel vulnerability. An attacker with extended physical access to the device could recover the ECDSA private key and clone the device. The issue resides...

Bosch Security Systems IP Cameras Uncontrolled Resource Consumption (CVE-2023-32229)

Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option signing of the video stream with option MD5, SHA-1 or SHA-256. This plugin only works with Tenable.ot...

Bosch IP cameras Information Disclosure Vulnerability

Bosch IP cameras are network cameras from Bosch, Germany. An information disclosure vulnerability exists in Bosch IP cameras that originates from allowing an unauthenticated attacker to retrieve information about the device itself and the device's network settings. The following products and...

CVE-2022-32540

Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras wi...