BOSCH-SA-247052-BT: Multiple vulnerabilities were found in the PRA-ES8P2S Ethernet-Switch including an Improper Input Validation, an Improper Privilege Management and an Execution with Unnecessary Privileges vulnerability.These vulnerabilities can give root access and/or administrator privilege to the switch from the network.Customers are advised to upgrade to version 1.01.07 that solves vulnerabilities CVE-2022-32534, CVE-2022-32535 and CVE-2022-32536 and to consider the mitigation measures indicated in this security advisory for the still unsolved vulnerabilities. These vulnerabilities will be addressed in our next update, which will be informed through a subsequent security advisory.The PRA-ES8P2S switch contains technology from the Advantech EKI-7710G series switches.


https://psirt.bosch.com/security-advisories/bosch-sa-247052-bt.html