5 matches found
CVE-2019-6958
The CVE-2019-6958 entry concerns Bosch BVMS and related systems (BVMS v9.0 and earlier; DIVAR IP 2000–7000; Configuration Manager; BIS with Video Engine; APE; AEC; BVC; VSDK). The root cause is improper access control via the RCP+ network port allowing access without authentication. This could en...
CVE-2019-6957
CVE-2019-6957 affects Bosch products including BVMS ≤ v9.0, DIVAR IP 2000–7000, VRM, VSG, Configuration Manager, BIS with Video Engine, APE, AEC, BV C, and VSDK. The issue is described as a buffer overflow vulnerability that potentially allows unauthorized code execution over the network interfac...
CVE-2021-23843
The CVE-2021-23843 affects Bosch AMC2 devices via AccessIPConfig.exe and AmcIpConfig.exe, where password protection on the device configuration can be bypassed, allowing unauthorized changes to configuration data and potentially making the device unresponsive on the local network. The vulnerabili...
CVE-2021-23842
The CVE-2021-23842 entry concerns Bosch AMC2, where an attacker who can access the local network can retrieve the encryption key from the firmware. This enables decryption and modification of network traffic between the AMC2 and the host system, as well as decrypted access to firmware files and p...
CVE-2021-23859
CVE-2021-23859 affects Bosch VRM and BVMS with VRM installations. An unauthenticated attacker can send a crafted HTTP request that crashes the targeted service, and in standalone VRM or BVMS configurations this crash may allow sending further unauthenticated commands to the service. Some products...