CVE-2023-32229
https://notcve.org/view.php?id=CVE-2023-32229
Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signing of the video stream) with option MD5, SHA-1 or SHA-256.
https://psirt.bosch.com/security-advisories/BOSCH-SA-435698-BT.html
CWE-400: Uncontrolled Resource Consumption
CWE-1246: Improper Write Handling in Limited-write Non-Volatile Memories
CVE-2021-23851 – Buffer Overflow vulnerability in the recovery image web-based interface
https://notcve.org/view.php?id=CVE-2021-23851
A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware.
https://psirt.bosch.com/security-advisories/bosch-sa-446276-bt.html
https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-121: Stack-based Buffer Overflow
CVE-2021-23850 – Buffer Overflow vulnerability in the recovery image telnet server
https://notcve.org/view.php?id=CVE-2021-23850
A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware.
https://psirt.bosch.com/security-advisories/bosch-sa-446276-bt.html
https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-121: Stack-based Buffer Overflow