• 1
  • 2
  • 3 (current)
  • 4
April 2021
Title
FTP Backdoor for Rexroth Fieldbus Couplers S20 and Inline
Published
April 30, 2021, 2 a.m.
Summary

BOSCH-SA-428397: On some Fieldbus Couplers, there is a hidden, password-protected FTP area for the root directory.

Title
ctrlX Multiple Vulnerabilities
Published
April 23, 2021, 2 a.m.
Summary

Multiple vulnerabilities in operating system libraries and the Linux kernel have been reported which in a worst case scenario could allow an attacker to compromise the system by provoking a crash or the execution of malicious code. The affected functions are not used directly by any Rexroth software component and ...

March 2021
Title
Denial of Service in Rexroth ActiveMover using EtherNet/IP protocol
Published
March 31, 2021, 2 a.m.
Summary

BOSCH-SA-282922: The ActiveMover with the EtherNet/IP communication module (Rexroth no. 3842 559 444) sold by Bosch Rexroth contains communication technology from Hilscher (EtherNet/IP Core V2) in which a vulnerability with high severity has been discovered. A denial of service and memory corruption vulnerability could allow arbitrary code to be injected ...

Title
Denial of Service in Rexroth ActiveMover using Profinet protocol
Published
March 31, 2021, 2 a.m.
Summary

BOSCH-SA-637429: The ActiveMover with Profinet communication module (Rexroth no. 3842 559 445) sold by Bosch Rexroth contains communication technology from Hilscher (PROFINET IO Device V3) in which a vulnerability with high severity has been discovered. A Denial of Service vulnerability may lead to unexpected loss of cyclic communication or interruption ...

Title
Uncontrolled Search Path Element in Multiple Bosch Products
Published
March 24, 2021, 1 a.m.
Summary

BOSCH-SA-835563-BT: Multiple Bosch software applications are affected by a security vulnerability, which potentially allows an attacker to load additional code in the form of DLLs (commonly known as "DLL Hijacking" or "DLL Preloading"). This code is executed during the start of the vulnerable application and in the context of the ...

Title
Side Channel Key Extraction Vulnerability in Bosch IP Cameras and Encoders
Published
March 2, 2021, 1 a.m.
Summary

BOSCH-SA-762869-BT: A recently discovered side channel attack for the NXP P5x security microcontrollers was made public. It allows attackers to extract an ECDSA private key after extensive physical access to the chip. The P5x is used as secure certificate storage on Bosch cameras and encoders built on platforms CPP-ENC CPP3 ...

February 2021
Title
Privilege Escalation via sudo and Linux kernel in Bosch Rexroth Products
Published
Feb. 24, 2021, 1 a.m.
Summary

BOSCH-SA-372917: Linux kernel versions through 5.10.11 contain weaknesses which allow local users to execute code in the kernel with the potential to escalate privileges [1][2]. In versions of sudo before 1.9.5p2 there is a weakness present which allows privilege escalation to root for local users [3]. The ctrlX CORE and ...

January 2021
Title
Denial of Service in Rexroth ID 200/C-ETH using EtherNet/IP Protocol
Published
Jan. 27, 2021, 1 a.m.
Summary

BOSCH-SA-775371: The ID 200/C-ETH (Rexroth No. 3842 410 060) sold by Bosch Rexroth contains communication technology (499ES EtherNet/IP) from Real Time Automation (RTA) in which a critical vulnerability has been discovered. By exploiting the vulnerability an attacker can send a specially crafted packet that may result in a denial-of-service condition ...

Title
Two Vulnerabilities in Bosch Fire Monitoring System (FSM)
Published
Jan. 21, 2021, 1 a.m.
Summary

BOSCH-SA-332072-BT: Two vulnerabilties have been discovered affecting the Bosch Fire Monitoring System (FSM-2500 and FSM-5000). The critical issue applies to FSM systems with versions 5.2 and lower. Bosch rates these vulnerabilities with a CVSS v3.1 Base Score of 4.4 and 10.0 (medium and critical) and strongly recommends customers to update ...

December 2020
Title
ctrlX Products affected by OpenSSL Vulnerability CVE-2020-1971
Published
Dec. 18, 2020, 1 a.m.
Summary

BOSCH-SA-274557: The OpenSSL Software Foundation has published information [1] for OpenSSL versions prior to 1.1.1i (1.1.1 – 1.1.1h) and 1.0.2x (1.0.2 – 1.0.2w) regarding a weakness in the `GENERAL_NAME_cmp` function. The vulnerability could allow an attacker to provoke a null pointer dereference, potentially leading to a denial of service. Multiple ...

Title
Denial of Service in PLC Runtime affecting Rexroth IndraMotion Products
Published
Dec. 16, 2020, 1 a.m.
Summary

BOSCH-SA-152060: The control systems IndraMotion MTX, MLC and MLD sold by Bosch Rexroth contain technology from CODESYS GmbH. The manufacturer published security bulletins [1], [2] about weaknesses in the communication interface of the PLC runtime. By exploiting these vulnerabilities, the control device can be put into a state in which ...

Title
Multiple Vulnerabilities in 3S CODESYS Runtime in Rexroth PRC7000
Published
Dec. 16, 2020, 1 a.m.
Summary

BOSCH-SA-387388: The PRC7000 welding timer sold by Bosch Rexroth AG contains a CODESYS Soft-PLC Runtime from 3S. The manufacturer published security reports [1] about several weaknesses. By exploiting those weaknesses, an attacker can cause denial-of-service conditions or acquire user credentials. The vulnerabilities affect all firmware versions up to 1.11.3, and ...

October 2020
Title
Remote Desktop Services Remote Code Execution Vulnerability in Rexroth Industrial PCs
Published
Oct. 13, 2020, 2 a.m.
Summary

BOSCH-SA-856281: Microsoft has published information [1] for several versions of Microsoft Windows XP Microsoft Windows XP embedded Microsoft Windows 7 and Microsoft Windows 7 Embedded Standard regarding a vulnerability in the Remote Desktop Service. The vulnerability could allow an unauthenticated remote attacker to execute arbitrary code on the target system ...

September 2020
Title
Vulnerabilities in Bosch PRAESIDEO and PRAESENSA
Published
Sept. 28, 2020, 2 a.m.
Summary

BOSCH-SA-538331-BT: Two security vulnerabilities have been uncovered in the web based management interface of the PRAESIDEO Network Controller and the PRAESENSA System Controller. The vulnerabilities will allow a Cross-Site Request Forgery (CSRF) attack and a Cross-site Scripting (XSS) attack. For PRAESIDEO a third vulnerability will allow a replay attack with ...

Title
WIBU Systems CodeMeter Runtime Vulnerabilities in Rexroth Products
Published
Sept. 25, 2020, 2 a.m.
Summary

BOSCH-SA-231483: A set of 6 vulnerabilities affect multiple versions of the WIBU Systems CodeMeter Runtime Software. This software is used by multiple Rexroth Products and Bosch Rexroth customers for license management. In order to successfully exploit these vulnerabilities an attacker requires access to the network or system. One vulnerability (CVE-2020-14509) ...

August 2020
Title
Improper Certificate Validation in Bosch Smart Home System App for iOS
Published
Aug. 24, 2020, 2 a.m.
Summary

BOSCH-SA-347336: A recently discovered security vulnerability affects the Bosch Smart Home System App for iOS. Both Bosch Smart Home Camera Apps as well as the Bosch Smart Home System App for Android are not affected. It potentially allows to intercept video contents by performing a man-in-the-middle attack. Since only connections ...

May 2020
Title
Multiple Vulnerabilities in Bosch Recording Station (BRS)
Published
May 27, 2020, 2 a.m.
Summary

BOSCH-SA-363824-BT: Several issues have been discovered affecting the Bosch Recording Station (BRS). The critical issues apply to BRS systems which are connected to an open network. Bosch strongly recommends to operate the BRS system in a closed network and prevent unauthorized direct access to the BRS server. The product was ...

March 2020
Title
Denial of Service in Rexroth Fieldbus Coupler S20-PN-BK+/S20-ETH-BK
Published
March 16, 2020, 1 a.m.
Summary

BOSCH-SA-645125: The S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix Contact. The manufacturer published a security bulletin [1] about a weakness in the web-based administration interface for managing the device properties. By exploiting the vulnerability the device can be put into a state in which network queries ...

January 2020
Title
Deserialization of Untrusted Data in Bosch BVMS Mobile Video Service
Published
Jan. 29, 2020, 1 a.m.
Summary

BOSCH-SA-885551-BT: A recently discovered security vulnerability affects the BVMS Mobile Video Service (BVMS MVS). The vulnerability is exploitable via the network interface. Bosch rates this vulnerability with a CVSS v3.1 Base Score of 10.0 (Critical) and recommends customers to update the vulnerable components with fixed software versions. The vulnerability was ...

Title
Path Traversal in Bosch Video Management System
Published
Jan. 29, 2020, 1 a.m.
Summary

BOSCH-SA-381489-BT: A path traversal vulnerability exists in the BVMS. An authenticated BVMS user can successfully request and fetch arbitrary files from the Central Server machine using the FileTransferService. Bosch rates this vulnerability with a CVSS v3.1 Base Score of 7.7 (High) and strongly recommends customers to update vulnerable components with ...

Title
Path Traversal in Bosch Video Management System NoTouch deployment
Published
Jan. 29, 2020, 1 a.m.
Summary

BOSCH-SA-815013-BT: A path traversal vulnerability exists in the BVMS NoTouch deployment. If this vulnerability is exploited an unauthenticated attacker without local shell access to a BVMS Central Server system is able to fetch arbitrary data from the file system of the Central Server computer. Under specific circumstances an attack can ...

Title
Missing Authentication for Critical Function in Bosch Video Streaming Gateway
Published
Jan. 29, 2020, 1 a.m.
Summary

BOSCH-SA-260625-BT: A recently discovered security vulnerability affects the Bosch Video Streaming Gateway (VSG). The vulnerability is exploitable via the network interface. An unauthorized attacker can retrieve and set arbitrary configuration data of the VSG. Bosch rates this vulnerability with a CVSS v3.1 Base Score of 10.0 (Critical) and strongly recommends ...

September 2019
Title
Hard-coded Credentials in Access Professional Edition 3.7 downwards (CVE-2019-11898)
Published
Sept. 11, 2019, 2 a.m.
Summary

BOSCH-SA-710832-BT: A recently discovered security vulnerability affects Access Professional Edition (APE) installations of versions 3.7 and downwards. The vulnerability enables unauthorized access to sensitive data of the APE system. In cases where a software update is not possible, a reduction in the system’s network exposure is advised. Internet-accessible installations should ...

Title
Improper Access Control in Access Professional Edition 3.7 downwards (CVE-2019-11899)
Published
Sept. 11, 2019, 2 a.m.
Summary

BOSCH-SA-844044-BT: A recently discovered security vulnerability affects Access Professional Edition (APE) installations of versions 3.7 and downwards. The vulnerability enables unauthorized access to sensitive data of the APE system. In cases where a software update is not possible, a reduction in the system’s network exposure is advised. Internet-accessible installations should ...

Title
Vulnerability for Windows Remote Desktop Services (RDP) Remote Code Execution
Published
Sept. 3, 2019, 2 a.m.
Summary

BOSCH-SA-553243-BT: A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. Bosch relies on a Microsoft Windows operating system for several products. Consequently, some devices are affected ...

  • 1
  • 2
  • 3 (current)
  • 4

Last Updates

BOSCH PSIRT
20.03.2024
CODESYS
28.06.2023
SIEMENS CERT
09.04.2024
US CERT
26.02.2024
US CERT (ICS)
16.04.2024

By Source

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Feeds