• 1 (current)
  • 2
May 2022
Title
Vulnerabilities in the communication protocol of the PLC runtime
Published
May 2, 2022, 2 a.m.
Summary

BOSCH-SA-577411: The PLC application of the control systems ctrlX CORE, IndraLogic, IndraMotion MTX, IndraMotion MLC and IndraMotion MLD contains PLC technology from CODESYS GmbH. The manufacturer CODESYS GmbH published multiple security bulletins \[1\], \[2\], \[3\], \[4\], \[5\]. By exploiting the vulnerabilities in the protocol for the communication between the PLC ...

April 2022
Title
Vulnerability in routers FL MGUARD and TC MGUARD
Published
April 27, 2022, 2 a.m.
Summary

BOSCH-SA-982696: The FL MGUARD and TC MGUARD safety devices sold by Bosch Rexroth are devices from Phoenix Contact that have been introduced as trade goods. A security advisory has been published by the manufacturer, which indicates that devices are affected by a possible infinite loop within an OpenSSL library method ...

Title
Improper Control of Generation of Code in Bosch MATRIX
Published
April 27, 2022, 2 a.m.
Summary

BOSCH-SA-309239-BT: The access control and time attendance management software Bosch MATRIX uses a version of the Java Spring Framework that is vulnerable to \"spring4shell\" (CVE-2022-22965). Bosch MATRIX does NOT use a configuration that is currently known to be exploitable using this vulnerability, but as the developers of Spring point out, ...

Title
Multiple ctrlX CORE vulnerabilities
Published
April 20, 2022, 2 a.m.
Summary

BOSCH-SA-029150: The base operating system app core20, which is part of ctrlX CORE XCR (base system apps), includes vulnerable versions of expat, libc and OpenSSL. Furthermore, multiple ctrlX CORE apps use at least one of the libraries shipped with core20. An attacker might be able to escalate privileges, gain system ...

March 2022
Title
Buffer Overflow Vulnerability in Recovery Image
Published
March 30, 2022, 2 a.m.
Summary

BOSCH-SA-446276-BT: A recently discovered security vulnerability allows an attacker to cause an buffer overflow in the recovery image, crashing the application and open the possibility for code execution.The recovery image can only be booted using a command requiring administrative access or requiring physical access to the device.Bosch rates this vulnerability ...

Title
Bosch Fire Monitoring System (FSM) affected by log4net Vulnerability
Published
March 23, 2022, 1 a.m.
Summary

BOSCH-SA-479793-BT: A vulnerability has been discovered affecting the Bosch Fire Monitoring System (FSM-2500, FSM-5000, FSM-10k and obsolete FSM-10000). The issue applies to FSM server with version 5.6.630 and lower, and FSM client with version 5.6.2131 and lower. Bosch recommends customers to update vulnerable components with the provided patch. The vulnerability ...

Title
Improper Restriction of XML External Entity Reference in BVMS
Published
March 16, 2022, 1 a.m.
Summary

BOSCH-SA-506619-BT: When BVMS is installed in an installation folder where low-priviledged users have write access, BVMS is affected by a security vulnerability, which potentially allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.Bosch rates the vulnerability with a CVSS v3.1 Base Score of 5.7 (Medium) when the ...

January 2022
Title
Injection of arbitrary HTML code in Bosch Video Security Android App
Published
Jan. 26, 2022, 1 a.m.
Summary

BOSCH-SA-844050-BT: A vulnerability was recently discovered in the Android Application Bosch Video Security that allows an attacker to inject random HTML code into a WebView object. This vulnerability could for example allow the loading of malicious forms that could lead to the theft of the user\'s private information.This vulnerability was ...

Title
Multiple vulnerabilities in Bosch AMC2 (Access Modular Controller)
Published
Jan. 19, 2022, 1 a.m.
Summary

BOSCH-SA-940448-BT: The Bosch AMC2 (Access Modular Controller) is an door access controller. It takes access control decisions for a group of up to eight access points. These access points may consist of doors, gates, barriers, turn stiles, revolving doors, man-traps, ID card readers, door opening elements and sensors. The device ...

December 2021
Title
Log4j Vulnerabilities - Impact on PRAESENSA Advanced Public Address Server (PRA-APAS)
Published
Dec. 22, 2021, 1 a.m.
Summary

BOSCH-SA-993110-BT: The 1.0.31 software version of the PRAESENSA Advanced Public Address Server (PRA-APAS) contains version 2.10.0 of the Apache Log4j logging service. Recently Apache has warned that this Log4j version contains multiple vulnerabilities, including the Log4Shell vulnerability (CVE-2021-44228).This Log4Shell vulnerability allows remote code execution by sending a specifically crafted log ...

Title
Apache Log4j Vulnerabilities - Impact on Bosch Rexroth Products
Published
Dec. 21, 2021, 1 a.m.
Summary

BOSCH-SA-572602: The Apache Software Foundation has published information about a vulnerability in the Java logging framework *log4j*, which allows an attacker to execute arbitrary code loaded from LDAP or JNDI related endpoints which are under control of the attacker. \[1\]Additionally, a further vulnerability might allow an attacker to cause a ...

Title
Multiple Vulnerabilities in Bosch BT software products
Published
Dec. 8, 2021, 1 a.m.
Summary

BOSCH-SA-043434-BT: A recently discovered security vulnerability allows an unauthenticated attacker to cause an application to crash (Denial of Service / DoS) and for the VRM opens the possibility to send unauthenticated commands for a short time (this vulnerability is rated critical).The VRM, DIVAR IP and BVMS with VRM are also ...

October 2021
Title
Multiple vulnerabilities in Rexroth IndraMotion and IndraLogic series
Published
Oct. 4, 2021, 2 a.m.
Summary

BOSCH-SA-741752: The control systems series Rexroth IndraMotion MLC and IndraLogic XLC are affected by multiple vulnerabilities in the web server, which – in combination – ultimately enable an attacker to log in to the system. - Information disclosure: The main configuration, including users and their hashed passwords, is exposed by ...

August 2021
Title
Cross Site Request Forgery (CSRF) vulnerability in Bosch IP cameras
Published
Aug. 4, 2021, 2 a.m.
Summary

BOSCH-SA-033305-BT: The possibility to conduct a CSRF (Cross Site Request Forgery) attack was discovered in a Penetration Test from Kaspersky ICS CERT during a certification effort from Bosch. Bosch rates this vulnerability with CVSSv3.1 base scores of 7.5 (High), where the actual rating depends on the final rating specific to ...

July 2021
Title
Vulnerabilities in CODESYS V2 runtime systems
Published
July 20, 2021, 2 a.m.
Summary

BOSCH-SA-670099: The compact systems CS351E and CS351S and the communication module KE350G with integrated PLC contain technology from CODESYS GmbH. The manufacturer CODESYS GmbH published security bulletins \[1\]\[2\] about a weakness in the protocol for the communication between the PLC runtime and clients. By exploiting these vulnerabilities, attackers can send ...

June 2021
Title
Multiple vulnerabilities in Bosch IP cameras
Published
June 9, 2021, 2 a.m.
Summary

BOSCH-SA-478243-BT: Multiple vulnerabilities for Bosch IP cameras have been discovered in a Penetration Test from Kaspersky ICS CERT during a certification effort from Bosch. Bosch rates these vulnerabilities with CVSSv3.1 base scores from 9.8 (Critical) to 4.9 (Medium), where the actual rating depends on the individual vulnerability and the final ...

May 2021
Title
Several Vulnerabilities in Bosch B426, B426-CN/B429-CN, and B426-M
Published
May 28, 2021, 2 a.m.
Summary

BOSCH-SA-196933-BT: A security vulnerability affects the Bosch B426, B426-CN/B429-CN, and B426-M. The vulnerability is exploitable via the network interface. Bosch rates this vulnerability at 8.0 (High) and recommends customers to update vulnerable components with fixed software versions. A second vulnerable condition was found when using http protocol, in which the ...

Title
Vulnerability in the routing protocol of the PLC runtime
Published
May 19, 2021, 2 a.m.
Summary

BOSCH-SA-350374: The control systems IndraMotion MTX, MLC and MLD and the ctrlX CORE PLC application contain PLC technology from Codesys GmbH. The manufacturer Codesys GmbH published a security bulletin \[1\] about a weakness in the routing protocol for the communication between the PLC runtime and clients. By exploiting the vulnerability, ...

April 2021
Title
ctrlX CORE - IDE App affected by OpenSSL and Python Vulnerabilities
Published
April 30, 2021, 2 a.m.
Summary

BOSCH-SA-017743: Multiple vulnerabilities affecting OpenSSL Versions previous to 1.1.1k and Python 0 through 3.9.1, have been reported. Affected versions are included in the ctrlX CORE - IDE App. In order to successfully exploit these vulnerabilities, an attacker requires access to the network or system. Two vulnerabilities (CVE-2021-3177 and CVE-2021-27619) are ...

Title
FTP Backdoor for Rexroth Fieldbus Couplers S20 and Inline
Published
April 30, 2021, 2 a.m.
Summary

BOSCH-SA-428397: On some Fieldbus Couplers, there is a hidden, password-protected FTP area for the root directory.

Title
ctrlX Multiple Vulnerabilities
Published
April 23, 2021, 2 a.m.
Summary

Multiple vulnerabilities in operating system libraries and the Linux kernel have been reported which in a worst case scenario could allow an attacker to compromise the system by provoking a crash or the execution of malicious code. The affected functions are not used directly by any Rexroth software component and ...

March 2021
Title
Denial of Service in Rexroth ActiveMover using Profinet protocol
Published
March 31, 2021, 2 a.m.
Summary

BOSCH-SA-637429: The ActiveMover with Profinet communication module (Rexroth no. 3842 559 445) sold by Bosch Rexroth contains communication technology from Hilscher (PROFINET IO Device V3) in which a vulnerability with high severity has been discovered. A Denial of Service vulnerability may lead to unexpected loss of cyclic communication or interruption ...

Title
Denial of Service in Rexroth ActiveMover using EtherNet/IP protocol
Published
March 31, 2021, 2 a.m.
Summary

BOSCH-SA-282922: The ActiveMover with the EtherNet/IP communication module (Rexroth no. 3842 559 444) sold by Bosch Rexroth contains communication technology from Hilscher (EtherNet/IP Core V2) in which a vulnerability with high severity has been discovered. A denial of service and memory corruption vulnerability could allow arbitrary code to be injected ...

Title
Uncontrolled Search Path Element in Multiple Bosch Products
Published
March 24, 2021, 1 a.m.
Summary

BOSCH-SA-835563-BT: Multiple Bosch software applications are affected by a security vulnerability, which potentially allows an attacker to load additional code in the form of DLLs (commonly known as "DLL Hijacking" or "DLL Preloading"). This code is executed during the start of the vulnerable application and in the context of the ...

Title
Side Channel Key Extraction Vulnerability in Bosch IP Cameras and Encoders
Published
March 2, 2021, 1 a.m.
Summary

BOSCH-SA-762869-BT: A recently discovered side channel attack for the NXP P5x security microcontrollers was made public. It allows attackers to extract an ECDSA private key after extensive physical access to the chip. The P5x is used as secure certificate storage on Bosch cameras and encoders built on platforms CPP-ENC CPP3 ...

  • 1 (current)
  • 2

Last Updates

BOSCH PSIRT
02.05.2022
CODESYS
14.04.2022
SIEMENS CERT
10.05.2022
US CERT
18.05.2022
US CERT (ICS)
24.05.2022

By Source

Archive

2022
2021
2020
2019
2018
2017

Feeds