PT-2024-13785 · Bosch · BCC101+3

Published 2024-01-09 · Updated 2024-01-17 · CVE-2023-49722

CVSS v3.1: 8.3 (High)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Bosch BCC100 smart thermostat (affected versions not specified)
Bosch BCC101/BCC102/BCC50 (affected versions not specified)
Description
An unauthenticated attacker on the same WiFi network as the device can connect to it and replace the device's firmware with a malicious image. The cause is an open debug port in the device's WiFi firmware, network port 8899, which is reachable by any host on that network without authentication. With control of the firmware, an attacker could install a persistent backdoor in the thermostat, use it to sniff network traffic, or pivot to other devices on the same network.
Recommendations
For the Bosch BCC100 smart thermostat, update to firmware v4.13.33, which addresses this issue. For BCC101/BCC102/BCC50, no fixed version is listed here; block access to network port 8899 until a patch is available. As a temporary workaround for all affected devices, restrict which hosts can reach the device over the WiFi network (for example, by isolating it on its own network segment) and block port 8899 from untrusted hosts, so that the open debug port is not exposed to an attacker on the same network.
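The open-port precondition lends itself to a simple network check before and after applying the workaround. The following Python script is an added example, not code from the advisory or from Bosch: it attempts a TCP connection to port 8899 on every host of a given network and lists the hosts that accept one. It assumes the debug port is TCP (the advisory does not name the transport), sends nothing to the service, and cannot tell a thermostat from any other host that happens to listen on 8899, so a hit should be confirmed against the device inventory. The loopback listener in `loopback_demo` is constructed for the example and stands in for a thermostat.

```python
"""Find hosts on a LAN that accept connections on port 8899, the open debug
port described in the advisory. Added example, not Bosch's or the advisory's code."""
import argparse
import ipaddress
import socket
from concurrent.futures import ThreadPoolExecutor

DEBUG_PORT = 8899  # port named in the advisory; assumed here to be TCP


def debug_port_reachable(host: str, port: int = DEBUG_PORT, timeout: float = 2.0) -> bool:
    """Return True if a TCP connection to host:port completes within timeout.

    A plain connect check: nothing is sent to or read from the service, so the
    firmware-update functionality is never touched. Success only shows that the
    port is reachable from this network position, which is the precondition for
    the attack the advisory describes; it does not identify the device.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable, or timed out
        return False


def scan_hosts(hosts, port: int = DEBUG_PORT, timeout: float = 2.0, workers: int = 64):
    """Check every host in `hosts` concurrently and return the sorted list of
    hosts on which `port` accepted a connection."""
    hosts = list(hosts)
    with ThreadPoolExecutor(max_workers=min(workers, max(1, len(hosts)))) as pool:
        flags = pool.map(lambda h: debug_port_reachable(h, port, timeout), hosts)
        return sorted(h for h, exposed in zip(hosts, flags) if exposed)


def network_hosts(cidr: str):
    """Expand a CIDR such as 192.168.1.0/24 into its usable host addresses."""
    return [str(h) for h in ipaddress.ip_network(cidr, strict=False).hosts()]


def loopback_demo():
    """Exercise the scan against a throwaway listener on the loopback interface.

    The listener is constructed for this example and stands in for a thermostat;
    it binds an ephemeral port so it never collides with a real service on 8899.
    Returns (hosts_exposed_while_listening, hosts_exposed_after_close).
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    try:
        while_listening = scan_hosts(["127.0.0.1"], port=port, timeout=1.0)
    finally:
        srv.close()  # no listener any more: the kernel now refuses connections
    after_close = scan_hosts(["127.0.0.1"], port=port, timeout=1.0)
    return while_listening, after_close


if __name__ == "__main__":
    ap = argparse.ArgumentParser(description="Find hosts exposing port 8899 on a LAN")
    ap.add_argument("cidr", help="network to scan, e.g. 192.168.1.0/24")
    ap.add_argument("--port", type=int, default=DEBUG_PORT)
    ap.add_argument("--timeout", type=float, default=2.0)
    args = ap.parse_args()
    exposed = scan_hosts(network_hosts(args.cidr), args.port, args.timeout)
    for host in exposed:
        print(f"{host}: port {args.port} reachable; confirm whether it is a BCC-series thermostat")
    if not exposed:
        print(f"no host in {args.cidr} accepted a connection on port {args.port}")
```

Run it from a host on the thermostat's WiFi network (for example `python3 scan8899.py 192.168.1.0/24`), once before the workaround and once after: a device that still shows up after the firewall or segmentation change is still exposed to exactly the attacker position the advisory describes.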

Related Identifiers

CVE-2023-49722

Affected Products

BCC101
BCC102
BCC50
Bosch BCC100