- BOSCH VIDEO SECURITY CLIENT DOWNLOAD UPDATE
- BOSCH VIDEO SECURITY CLIENT DOWNLOAD PATCH
- BOSCH VIDEO SECURITY CLIENT DOWNLOAD SOFTWARE
This includes portforwarding, which would not protect systems adequately. It is advised that the system should not be exposed directly to the internet or other insecure networks. for BVMS versions 7.0 and earlier, before updating to the latest version, the following measures could mitigate the associated risk.
BOSCH VIDEO SECURITY CLIENT DOWNLOAD SOFTWARE
In case the referenced software patches cannot be applied, e.g.
BOSCH VIDEO SECURITY CLIENT DOWNLOAD PATCH
Patch and installation procedure for the latest BIS versions is available on the Bosch Download Area
A list of affected software versions is available in appendix A of the BT security advisory Until a fixed software version is installed, the mitigation approaches firewalling, and IP filtering can be utilized.
BOSCH VIDEO SECURITY CLIENT DOWNLOAD UPDATE
The recommended approach is to update the software to a fixed version as soon as possible. See section “Firewall on host” in “Mitigations and Workaround”.įor a detailled list of affected products and fixed software versions, please seeĪPE 3.0 to APE 3.7 (only affected if Third-Party component VSDK is installed see Control Panel\Programs\Programs and Features\Bosch VideoSDKxx.xx.xxxx) In addition the firewall on the hosts shall be activated and set according to BVMS and BIS configuration manual. Internet-accessible installations should be firewalled, whilst additional steps like network isolation by VLAN, IP filtering features of the devices and other technologies should be used to decrease the exposure of vulnerable systems. In cases where a software update is not possible, a reduction in the system’s network exposure is advised. The vulnerability allows unauthorized read and write access data to the system by injection of RCP+ commands.
The exact list of affected software versions is available in appendix A of the BT advisory CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HĬVSS 3.0 Environmental Score in closed networks: 8.8,ĬVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/MAV:AĪ recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 50, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK).
0 kommentar(er)
