Vulnerabilities in Bosch PRAESIDEO and PRAESENSA

Published

2020-09-28 00:00:00 UTC

Summary

BOSCH-SA-538331-BT: Two security vulnerabilities have been uncovered in the web-based management interface of the PRAESIDEO Network Controller and the PRAESENSA System Controller. The vulnerabilities allow a Cross-Site Request Forgery (CSRF) attack and a Cross-Site Scripting (XSS) attack. For PRAESIDEO, a third vulnerability allows a replay attack with which authentication can be bypassed; this last vulnerability is present in the web server of the PRAESIDEO Network Controller. All hardware revisions of the PRAESIDEO Network Controller and the PRAESENSA System Controller are affected by these vulnerabilities. Unfortunately, patching is not available for some older (out-of-service) models of the PRAESIDEO Network Controller. Further details are provided in the Solution and Mitigations section. The vulnerabilities in PRAESIDEO were discovered and responsibly disclosed by the external researcher Gjoko Krstic.