PT-2022-3526 · Bosch · Bosch Ethernet Switch Pra-Es8P2S
Published: 2022-06-07 · Updated: 2022-07-01 · CVE-2022-32535
CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Bosch Ethernet switch PRA-ES8P2S version 1.01.05
Description
The issue is insufficient access control in the software of the Bosch Ethernet switch PRA-ES8P2S. It could allow a remote attacker to bypass existing security restrictions and gain elevated privileges, potentially up to root level. The switch's web server runs with root privileges, which could be exploited to gain root access.
Recommendations
For version 1.01.05, to prevent potential exploitation, consider restricting access to the web server or disabling it until a patch is available. Additionally, review and implement strict access controls to minimize the risk of privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Privilege Management
Affected Products
Bosch Ethernet Switch Pra-Es8P2S