PT-2023-22218 · Bosch · Bosch Building Integration System
Published
2023-06-30
·
Updated
2023-07-12
·
CVE-2023-29241
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Bosch Building Integration System (BIS) version 5.0
Description
The issue is related to improper information in the cybersecurity guidebook of the Bosch Building Integration System, which may lead to incorrect configuration. This incorrect configuration allows local users to access data via the network.
Recommendations
For Bosch Building Integration System (BIS) version 5.0, ensure that the cybersecurity guidebook is properly followed and the configuration is corrected to prevent local users from accessing data via the network. As a temporary workaround, consider restricting network access to authorized personnel only until the configuration issue is resolved.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bosch Building Integration System