Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Bosch — Vulnerabilities & Security Advisories 70

Browse all 70 CVE security advisories affecting Bosch. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Bosch:BVMSInfotainment system ECUCPP FirmwareSmart Home ControllerPRA-ES8P2SAMSCamera FirmwareDIVAR IP 3000Video Recording ManagerB426 FirmwareBF-OSVIDEOJET multi 4000Access Professional EditionFSM-2500PRAESIDEOB420BISBCC101Monitor WallNetwork Synchronizer EnterpriseVideo Streaming GatewayConfiguration ManagerVideo ClientSmart HomeBosch Recording StationIP HelperDIVAR IP 2000IoT Gateway Software
CVE IDTitleCVSSSeverityPublished
CVE-2021-23843 Lack of authentication mechanisms on the device — AMSCWE-306 8.8 High2022-01-19
CVE-2021-23842 Use of Hard-coded Cryptographic Key — AMSCWE-321 5.7 Medium2022-01-19
CVE-2021-23862 Authenticated Remote Code Execution — BVMSCWE-20 7.2 High2021-12-08
CVE-2021-23861 Possible Access to Debug Functions in Bosch VRM / BVMS — BVMSCWE-489 6.5 Medium2021-12-08
CVE-2021-23860 Reflected Cross Site Scripting (XSS) vulnerability in Bosch VRM / BVMS — BVMSCWE-79 5.0 Medium2021-12-08
CVE-2021-23859 Denial of Service and Authentication Bypass Vulnerability in multiple Bosch products — BVMSCWE-703 9.1 Critical2021-12-08
CVE-2021-23849 Cross Site Request Forgery (CSRF) vulnerability in web based management interface — CPP FirmwareCWE-352 7.5 High2021-08-05
CVE-2021-23846 B426 Credential Disclosure — B426 FirmwareCWE-319 8.8 High2021-06-18
CVE-2021-23845 B426 Web Configuration Authentication Bypass — B426 FirmwareCWE-284 8.0 High2021-06-18
CVE-2021-23854 Reflected XSS in page parameter — CPP FirmwareCWE-79 8.3 High2021-06-09
CVE-2021-23847 Unauthenticated Information Extraction Vulnerability — CPP FirmwareCWE-287 9.8 Critical2021-06-09
CVE-2021-23853 Improper Input Validation of HTTP Headers — CPP FirmwareCWE-20 8.3 High2021-06-09
CVE-2021-23848 Reflected XSS in URL handler — CPP FirmwareCWE-79 8.3 High2021-06-09
CVE-2021-23852 Denial of Service (DoS) due to invalid web parameter — CPP FirmwareCWE-400 4.9 Medium2021-06-09
CVE-2020-6790 Uncontrolled Search Path Element in Bosch Video Streaming Gateway Installer — Video Streaming GatewayCWE-427 7.8 High2021-03-25
CVE-2020-6789 Uncontrolled Search Path Element in Bosch Monitor Wall Installer — Monitor WallCWE-427 7.8 High2021-03-25
CVE-2020-6788 Uncontrolled Search Path Element in Bosch Configuration Manager Installer — Configuration ManagerCWE-427 7.8 High2021-03-25
CVE-2020-6787 Uncontrolled Search Path Element in Bosch Video Client installer — Video ClientCWE-427 7.8 High2021-03-25
CVE-2020-6786 Uncontrolled Search Path Element in Bosch Video Recording Manager Installer — Video Recording ManagerCWE-427 7.8 High2021-03-25
CVE-2020-6785 Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer — BVMSCWE-427 7.8 High2021-03-25
CVE-2020-6771 Uncontrolled Search Path Element in Bosch IP Helper — IP HelperCWE-427 7.8 High2021-03-25
CVE-2020-6780 Password Hash With Insufficient Computational Effort in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server — FSM-2500CWE-916 4.4 Medium2021-01-25
CVE-2020-6779 Hard-coded Credentials in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server — FSM-2500CWE-798 10.0 Critical2021-01-25
CVE-2020-6777 Stored XSS in Bosch PRAESIDEO and Bosch PRAESENSA Management Interface — PRAESIDEOCWE-79 4.8 Medium2021-01-14
CVE-2020-6776 CSRF in Bosch PRAESIDEO and Bosch PRAESENSA Management Interface — PRAESIDEOCWE-352 8.8 High2021-01-14
CVE-2020-6781 Improper Certificate Validation in Bosch Smart Home System App for iOS — Smart HomeCWE-295 6.8 Medium2020-09-16
CVE-2020-6774 Kiosk Mode Breakout in Bosch Recording Station — Bosch Recording StationCWE-284 9.3 Critical2020-05-27
CVE-2020-6770 Deserialization of Untrusted Data in Bosch BVMS Mobile Video Service — DIVAR IP 3000CWE-502 10.0 Critical2020-02-07
CVE-2020-6768 Path Traversal in Bosch Video Management System (BVMS) — DIVAR IP 3000CWE-22 8.6 High2020-02-07
CVE-2020-6769 Missing Authentication for Critical Function in Bosch Video Streaming Gateway — DIVAR IP 2000CWE-306 10.0 Critical2020-02-07

This page lists every published CVE security advisory associated with Bosch. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.