• 1 (current)
  • 2
September 2022
Title
Information Disclosure in VIDEOJET Decoder and Operator Client application in BVMS
Published
Sept. 21, 2022, 2 a.m.
Summary

BOSCH-SA-464066-BT: BVMS Operator Client application or the VIDEOJET Decoder VJD-7513 may receive an *unencrypted* live-stream from a camera which allows a man-in-the-middle attacker to compromise the confidential video streams.This happens only in combination with cameras of platform CPP13 or CPP14.x when encrypted UDP connection is configured. Please be aware that ...

August 2022
Title
SafeLogic Designer vulnerabilities
Published
Aug. 11, 2022, 2 a.m.
Summary

BOSCH-SA-463993: The SafeLogic Designer from Bosch Rexroth contains technology from SICK AG. The manufacturer has published a security bulletin regarding a vulnerability in the .NET framework. \[1\]A vulnerability in a .NET framework class used by SafeLogic Designer allows an attacker to craft malicious project files. Opening/importing such a malicious project ...

Title
Multiple Vulnerabilities in BF-OS
Published
Aug. 1, 2022, 2 a.m.
Summary

BOSCH-SA-013924-BT: Multiple vulnerabilities were identified in BF-OS version 3.x up to and including 3.83 used by Bigfish V3 and PR21 (Energy Platform) devices and Bigfish VM image, which are part of the data collection infrastructure of the Energy Platform solution.The most critical vulnerability may allow an unauthenticated remote attacker to ...

June 2022
Title
Multiple Vulnerabilities PRA-ES8P2S Ethernet-Switch
Published
June 22, 2022, 2 a.m.
Summary

BOSCH-SA-247052-BT: Multiple vulnerabilities were found in the PRA-ES8P2S Ethernet-Switch including an Improper Input Validation, an Improper Privilege Management and an Execution with Unnecessary Privileges vulnerability.These vulnerabilities can give root access and/or administrator privilege to the switch from the network.Customers are advised to upgrade to version 1.01.07 that solves vulnerabilities CVE-2022-32534, ...

May 2022
Title
Vulnerabilities in the communication protocol of the PLC runtime
Published
May 2, 2022, 2 a.m.
Summary

BOSCH-SA-577411: The PLC application of the control systems ctrlX CORE, IndraLogic, IndraMotion MTX, IndraMotion MLC and IndraMotion MLD contains PLC technology from CODESYS GmbH. The manufacturer CODESYS GmbH published multiple security bulletins \[1\], \[2\], \[3\], \[4\], \[5\]. By exploiting the vulnerabilities in the protocol for the communication between the PLC ...

April 2022
Title
Improper Control of Generation of Code in Bosch MATRIX
Published
April 27, 2022, 2 a.m.
Summary

BOSCH-SA-309239-BT: The access control and time attendance management software Bosch MATRIX uses a version of the Java Spring Framework that is vulnerable to \"spring4shell\" (CVE-2022-22965). Bosch MATRIX does NOT use a configuration that is currently known to be exploitable using this vulnerability, but as the developers of Spring point out, ...

Title
Vulnerability in routers FL MGUARD and TC MGUARD
Published
April 27, 2022, 2 a.m.
Summary

BOSCH-SA-982696: The FL MGUARD and TC MGUARD safety devices sold by Bosch Rexroth are devices from Phoenix Contact that have been introduced as trade goods. A security advisory has been published by the manufacturer, which indicates that devices are affected by a possible infinite loop within an OpenSSL library method ...

Title
Multiple ctrlX CORE vulnerabilities
Published
April 20, 2022, 2 a.m.
Summary

BOSCH-SA-029150: The base operating system app core20, which is part of ctrlX CORE XCR (base system apps), includes vulnerable versions of expat, libc and OpenSSL. Furthermore, multiple ctrlX CORE apps use at least one of the libraries shipped with core20. An attacker might be able to escalate privileges, gain system ...

March 2022
Title
Buffer Overflow Vulnerability in Recovery Image
Published
March 30, 2022, 2 a.m.
Summary

BOSCH-SA-446276-BT: A recently discovered security vulnerability allows an attacker to cause an buffer overflow in the recovery image, crashing the application and open the possibility for code execution.The recovery image can only be booted using a command requiring administrative access or requiring physical access to the device.Bosch rates this vulnerability ...

Title
Bosch Fire Monitoring System (FSM) affected by log4net Vulnerability
Published
March 23, 2022, 1 a.m.
Summary

BOSCH-SA-479793-BT: A vulnerability has been discovered affecting the Bosch Fire Monitoring System (FSM-2500, FSM-5000, FSM-10k and obsolete FSM-10000). The issue applies to FSM server with version 5.6.630 and lower, and FSM client with version 5.6.2131 and lower. Bosch recommends customers to update vulnerable components with the provided patch. The vulnerability ...

Title
Improper Restriction of XML External Entity Reference in BVMS
Published
March 16, 2022, 1 a.m.
Summary

BOSCH-SA-506619-BT: When BVMS is installed in an installation folder where low-priviledged users have write access, BVMS is affected by a security vulnerability, which potentially allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.Bosch rates the vulnerability with a CVSS v3.1 Base Score of 5.7 (Medium) when the ...

January 2022
Title
Injection of arbitrary HTML code in Bosch Video Security Android App
Published
Jan. 26, 2022, 1 a.m.
Summary

BOSCH-SA-844050-BT: A vulnerability was recently discovered in the Android Application Bosch Video Security that allows an attacker to inject random HTML code into a WebView object. This vulnerability could for example allow the loading of malicious forms that could lead to the theft of the user\'s private information.This vulnerability was ...

Title
Multiple vulnerabilities in Bosch AMC2 (Access Modular Controller)
Published
Jan. 19, 2022, 1 a.m.
Summary

BOSCH-SA-940448-BT: The Bosch AMC2 (Access Modular Controller) is an door access controller. It takes access control decisions for a group of up to eight access points. These access points may consist of doors, gates, barriers, turn stiles, revolving doors, man-traps, ID card readers, door opening elements and sensors. The device ...

December 2021
Title
Log4j Vulnerabilities - Impact on PRAESENSA Advanced Public Address Server (PRA-APAS)
Published
Dec. 22, 2021, 1 a.m.
Summary

BOSCH-SA-993110-BT: The 1.0.31 software version of the PRAESENSA Advanced Public Address Server (PRA-APAS) contains version 2.10.0 of the Apache Log4j logging service. Recently Apache has warned that this Log4j version contains multiple vulnerabilities, including the Log4Shell vulnerability (CVE-2021-44228).This Log4Shell vulnerability allows remote code execution by sending a specifically crafted log ...

Title
Apache Log4j Vulnerabilities - Impact on Bosch Rexroth Products
Published
Dec. 21, 2021, 1 a.m.
Summary

BOSCH-SA-572602: The Apache Software Foundation has published information about a vulnerability in the Java logging framework *log4j*, which allows an attacker to execute arbitrary code loaded from LDAP or JNDI related endpoints which are under control of the attacker. \[1\]Additionally, a further vulnerability might allow an attacker to cause a ...

Title
Multiple Vulnerabilities in Bosch BT software products
Published
Dec. 8, 2021, 1 a.m.
Summary

BOSCH-SA-043434-BT: A recently discovered security vulnerability allows an unauthenticated attacker to cause an application to crash (Denial of Service / DoS) and for the VRM opens the possibility to send unauthenticated commands for a short time (this vulnerability is rated critical).The VRM, DIVAR IP and BVMS with VRM are also ...

October 2021
Title
Multiple vulnerabilities in Rexroth IndraMotion and IndraLogic series
Published
Oct. 4, 2021, 2 a.m.
Summary

BOSCH-SA-741752: The control systems series Rexroth IndraMotion MLC and IndraLogic XLC are affected by multiple vulnerabilities in the web server, which – in combination – ultimately enable an attacker to log in to the system. - Information disclosure: The main configuration, including users and their hashed passwords, is exposed by ...

August 2021
Title
Cross Site Request Forgery (CSRF) vulnerability in Bosch IP cameras
Published
Aug. 4, 2021, 2 a.m.
Summary

BOSCH-SA-033305-BT: The possibility to conduct a CSRF (Cross Site Request Forgery) attack was discovered in a Penetration Test from Kaspersky ICS CERT during a certification effort from Bosch. Bosch rates this vulnerability with CVSSv3.1 base scores of 7.5 (High), where the actual rating depends on the final rating specific to ...

July 2021
Title
Vulnerabilities in CODESYS V2 runtime systems
Published
July 20, 2021, 2 a.m.
Summary

BOSCH-SA-670099: The compact systems CS351E and CS351S and the communication module KE350G with integrated PLC contain technology from CODESYS GmbH. The manufacturer CODESYS GmbH published security bulletins \[1\]\[2\] about a weakness in the protocol for the communication between the PLC runtime and clients. By exploiting these vulnerabilities, attackers can send ...

June 2021
Title
Multiple vulnerabilities in Bosch IP cameras
Published
June 9, 2021, 2 a.m.
Summary

BOSCH-SA-478243-BT: Multiple vulnerabilities for Bosch IP cameras have been discovered in a Penetration Test from Kaspersky ICS CERT during a certification effort from Bosch. Bosch rates these vulnerabilities with CVSSv3.1 base scores from 9.8 (Critical) to 4.9 (Medium), where the actual rating depends on the individual vulnerability and the final ...

May 2021
Title
Several Vulnerabilities in Bosch B426, B426-CN/B429-CN, and B426-M
Published
May 28, 2021, 2 a.m.
Summary

BOSCH-SA-196933-BT: A security vulnerability affects the Bosch B426, B426-CN/B429-CN, and B426-M. The vulnerability is exploitable via the network interface. Bosch rates this vulnerability at 8.0 (High) and recommends customers to update vulnerable components with fixed software versions. A second vulnerable condition was found when using http protocol, in which the ...

Title
Vulnerability in the routing protocol of the PLC runtime
Published
May 19, 2021, 2 a.m.
Summary

BOSCH-SA-350374: The control systems IndraMotion MTX, MLC and MLD and the ctrlX CORE PLC application contain PLC technology from Codesys GmbH. The manufacturer Codesys GmbH published a security bulletin \[1\] about a weakness in the routing protocol for the communication between the PLC runtime and clients. By exploiting the vulnerability, ...

April 2021
Title
FTP Backdoor for Rexroth Fieldbus Couplers S20 and Inline
Published
April 30, 2021, 2 a.m.
Summary

BOSCH-SA-428397: On some Fieldbus Couplers, there is a hidden, password-protected FTP area for the root directory.

Title
ctrlX CORE - IDE App affected by OpenSSL and Python Vulnerabilities
Published
April 30, 2021, 2 a.m.
Summary

BOSCH-SA-017743: Multiple vulnerabilities affecting OpenSSL Versions previous to 1.1.1k and Python 0 through 3.9.1, have been reported. Affected versions are included in the ctrlX CORE - IDE App. In order to successfully exploit these vulnerabilities, an attacker requires access to the network or system. Two vulnerabilities (CVE-2021-3177 and CVE-2021-27619) are ...

Title
ctrlX Multiple Vulnerabilities
Published
April 23, 2021, 2 a.m.
Summary

Multiple vulnerabilities in operating system libraries and the Linux kernel have been reported which in a worst case scenario could allow an attacker to compromise the system by provoking a crash or the execution of malicious code. The affected functions are not used directly by any Rexroth software component and ...

  • 1 (current)
  • 2

Last Updates

BOSCH PSIRT
21.09.2022
CODESYS
27.07.2022
SIEMENS CERT
13.09.2022
US CERT
22.09.2022
US CERT (ICS)
22.09.2022

By Source

Archive

2022
2021
2020
2019
2018
2017

Feeds