CVE-2020-6768 – Path Traversal in Bosch Video Management System (BVMS)
https://notcve.org/view.php?id=CVE-2020-6768
A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed. Una vulnerabilidad de salto de ruta en la implementación NoTouch de Bosch Video Management System (BVMS), permite a un atacante remoto no autenticado leer archivos arbitrarios desde el Servidor Central. • https://psirt.bosch.com/security-advisories/bosch-sa-815013-bt.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2020-6767 – Path Traversal in Bosch Video Management System (BVMS)
https://notcve.org/view.php?id=CVE-2020-6767
A path traversal vulnerability in the Bosch Video Management System (BVMS) FileTransferService allows an authenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed. Una vulnerabilidad de salto de ruta en el FileTransferService de Bosch Video Management System (BVMS), permite a un atacante remoto autenticado leer archivos arbitrarios del Servidor Central. • https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-sa-381489-bt_cve-2020-6767_securityadvisory_bvms_pathtraversal.pdf https://psirt.bosch.com/security-advisories/BOSCH-SA-381489-BT.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2019-6957 – Buffer Overflow for Bosch Video Systems, PSIM and Access Control Systems
https://notcve.org/view.php?id=CVE-2019-6957
A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The vulnerability potentially allows the unauthorized execution of code in the system via the network interface. Una vulnerabilidad de seguridad encontrada recientemente impacta a todas las versiones 9.0 y anteriores de Bosch Video Management System (BVMS), DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). La vulnerabilidad potencialmente permite la ejecución no autorizada de código en el sistema por medio de la interfaz de red. • https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2019-0403bt-cve-2019-6957_security_advisory_software_buffer_overflow.pdf • CWE-787: Out-of-bounds Write •
CVE-2019-6958 – Improper Access Control for Bosch Video Systems, PSIM and Access Control Systems
https://notcve.org/view.php?id=CVE-2019-6958
A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The RCP+ network port allows access without authentication. Adding authentication feature to the respective library fixes the issue. The issue is classified as "CWE-284: Improper Access Control." This vulnerability, for example, allows a potential attacker to delete video or read video data. • https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2019-0404bt-cve-2019-6958_security_advisory_improper_access_control.pdf • CWE-306: Missing Authentication for Critical Function •
CVE-2019-8952
https://notcve.org/view.php?id=CVE-2019-8952
A Path Traversal vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote authorized user to access arbitrary files on the system via the network interface. Affected hardware products: Bosch DIVAR IP 2000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.62.0019 and newer), Bosch DIVAR IP 5000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.80.0033 and newer). Affected software products: Video Recording Manager (VRM) (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; 3.70; 3.71 before 3.71.0032 ; fixed versions: 3.71.0032; 3.81.0032 and newer), Bosch Video Management System (BVMS) (vulnerable versions: 3.50.00XX; 3.55.00XX; 3.60.00XX; 3.70.0056; fixed versions: 7.5; 3.71.0032). Una vulnerabilidad de salto de directorio ubicada en el servidor web afecta a varios productos de hardware y software de Bosch. • https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2019-0402bt-cve-2019-8952_security_advisory_vrm_path_traversal.pdf https://psirt.bosch.com https://psirt.bosch.com/Advisory/BOSCH-2019-0402.html https://www.boschsecurity.com/xc/en/support/product-security/security-advisories.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •