PT-2019-18377 · Bosch · Video Streaming Gateway+9
Published
2019-05-29
·
Updated
2022-12-01
·
CVE-2019-6957
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Bosch Video Management System (BVMS) versions 9.0 and below
DIVAR IP versions 2000 through 7000
Video Recording Manager (VRM)
Video Streaming Gateway (VSG)
Configuration Manager
Building Integration System (BIS) with Video Engine
Access Professional Edition (APE)
Access Easy Controller (AEC)
Bosch Video Client (BVC)
Video SDK (VSDK)
Description
The issue potentially allows the unauthorized execution of code in the system via the network interface.
Recommendations
For Bosch Video Management System (BVMS) versions 9.0 and below, update to a version above 9.0.
For DIVAR IP versions 2000 through 7000, consider disabling network interface access until a patch is available.
For Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC), and Video SDK (VSDK), restrict network access to minimize the risk of exploitation.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Access Easy Controller
Access Professional Edition
Bosch Video Client
Bosch Video Management System
Building Integration System
Configuration Manager
Divar Ip
Video Recording Manager
Video Sdk
Video Streaming Gateway