Known Vulnerabilities for products from Bosch
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Bosch".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Bosch can be found at device.report : Bosch
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-33618 json | Not Provided | 2026-04-15 | 2026-04-15 | |
| CVE-2023-34999 json | A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 (< 5.7.6) and v6 (< 6.5.0) that all... | 7.2 - HIGH | 2023-09-18 | 2023-09-19 |
| CVE-2023-32229 json | Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip ... | 6.5 - MEDIUM | 2023-06-15 | 2023-07-05 |
| CVE-2023-29241 json | Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuratio... | 7.1 - HIGH | 2023-06-30 | 2023-07-12 |
| CVE-2023-28175 json | Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resou... | 7.7 - HIGH | 2023-06-15 | 2023-07-05 |
| CVE-2022-47648 json | An Improper Access Control vulnerability allows an attacker to access the control panel of the B420 without requiring any sor... | 8.8 - HIGH | 2023-02-08 | 2023-11-07 |
| CVE-2022-41677 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2023-12-18 | 2023-12-22 |
| CVE-2022-40184 json | Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 40... | 4.8 - MEDIUM | 2022-10-27 | 2022-10-31 |
| CVE-2022-40183 json | An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross site scripting (XSS) in the web-based in... | 4.7 - MEDIUM | 2022-10-27 | 2022-10-31 |
| CVE-2022-36302 json | File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file pat... | 5.4 - MEDIUM | 2022-08-01 | 2022-08-08 |
| CVE-2022-36301 json | BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker to brute-force t... | 7.5 - HIGH | 2022-08-01 | 2022-08-08 |
| CVE-2022-32540 json | Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions ... | 5.9 - MEDIUM | 2022-09-30 | 2022-10-04 |
| CVE-2022-32536 json | The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was... | 8.8 - HIGH | 2022-06-23 | 2022-07-01 |
| CVE-2022-32535 json | The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination wi... | 9.8 - CRITICAL | 2022-06-23 | 2022-07-01 |
| CVE-2022-32534 json | The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injectio... | 9.8 - CRITICAL | 2022-06-23 | 2023-06-29 |
| CVE-2021-23863 json | HTML code injection vulnerability in Android Application, Bosch Video Security, version 3.2.3. or earlier, when successfully ... | 6.1 - MEDIUM | 2022-01-28 | 2022-02-02 |
| CVE-2021-23862 json | A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in syst... | 7.2 - HIGH | 2021-12-08 | 2022-08-30 |
| CVE-2021-23861 json | By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM ... | 6.5 - MEDIUM | 2021-12-08 | 2022-08-30 |
| CVE-2021-23860 json | An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To explo... | 6.1 - MEDIUM | 2021-12-08 | 2021-12-14 |
| CVE-2021-23859 json | An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone V... | 7.5 - HIGH | 2021-12-08 | 2021-12-14 |
Known software with vulnerabilities from Bosch
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Bosch | Access | - |
| Application | Bosch | Access Professional Edition | 3.0 |
| Application | Bosch | Bosch Video Management System | 3.0 |
| Application | Bosch | Bosch Video Management System Mobile Video Service | 10.0.0.1225 |
| Application | Bosch | Building Integration System | 2.2 |
| Application | Bosch | Configuration Manager | 5.50.0226 |
| Hardware | Bosch | Divar Ip 3000 | - |
| Operating System | Bosch | Divar Ip 3000 Firmware | - |
| Hardware | Bosch | Divar Ip 7000 | - |
| Operating System | Bosch | Divar Ip 7000 Firmware | - |
| Hardware | Bosch | Fsm-2500 | - |
| Operating System | Bosch | Fsm-2500 Firmware | - |
| Hardware | Bosch | Fsm-5000 | - |
| Operating System | Bosch | Fsm-5000 Firmware | - |
| Application | Bosch | Iot Gateway Software | - |
| Hardware | Bosch | Praesensa | - |
| Operating System | Bosch | Praesensa Firmware | - |
| Hardware | Bosch | Praesideo | - |
| Operating System | Bosch | Praesideo Firmware | - |
| Application | Bosch | Prosyst Mbs Sdk | - |