Bosch Security Vulnerabilities (CVEs)
Track 28 security vulnerabilities affecting Bosch products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A deserialization vulnerability in the OPC.Testclient utility within Rexroth IndraWorks allows attackers to execute arbitrary code by tricking users i...
Feb 18, 2026This vulnerability in Rexroth IndraWorks allows attackers to execute arbitrary code on a user's system by tricking them into opening a malicious file,...
Feb 18, 2026This CVE describes a stack-based buffer overflow vulnerability in Bosch products that allows unauthenticated remote attackers to cause denial-of-servi...
Jan 10, 2024This vulnerability in Bosch products allows unauthenticated remote attackers to cause denial-of-service or potentially execute arbitrary code via spec...
Jan 10, 2024This vulnerability in Bosch products allows unauthenticated remote attackers to cause denial-of-service or potentially execute arbitrary code by sendi...
Jan 10, 2024This vulnerability in Bosch security systems allows attackers to access sensitive data or achieve remote code execution with root privileges. It affec...
Jan 10, 2024This vulnerability allows remote attackers to authenticate to SSH services with root privileges using a hidden hard-coded account. It affects Bosch Re...
Jan 10, 2024This SQL injection vulnerability in Bosch security systems allows authenticated attackers to manipulate the authentication database through crafted HT...
Jan 10, 2024This vulnerability allows remote attackers to authenticate to affected Bosch web applications using hidden hard-coded accounts with high privileges. A...
Jan 10, 2024This critical vulnerability allows remote attackers to upload arbitrary files anywhere on affected Bosch systems via crafted HTTP requests, leading to...
Jan 10, 2024This CVE describes a command injection vulnerability in Bosch IP cameras that allows authenticated administrators to execute arbitrary operating syste...
Dec 18, 2023An unauthenticated attacker can send a malformed API request to Bosch BT software products, causing a Denial of Service (DoS) by crashing or disruptin...
Dec 18, 2023A command injection vulnerability in RTS VLink Virtual Matrix Software allows authenticated attackers to execute arbitrary commands via the admin web ...
Sep 18, 2023This vulnerability in Bosch Building Integration System (BIS) 5.0 involves incorrect information in cybersecurity documentation that could lead to mis...
Jun 30, 2023This vulnerability allows authenticated SSH users on Bosch VMS systems to bypass authorization controls and access internal network resources through ...
Jun 15, 2023This vulnerability allows remote attackers to execute arbitrary shell commands on Bosch Ethernet switch PRA-ES8P2S devices through command injection i...
Jun 23, 2022CVE-2022-32536 is an authentication bypass vulnerability in Bosch Ethernet switch PRA-ES8P2S web servers that allows non-administrator users to gain a...
Jun 23, 2022This vulnerability allows attackers on the local network to bypass password protection on Bosch AMC2 device configuration tools, enabling unauthorized...
Jan 19, 2022An unauthenticated attacker can send a special HTTP request to crash the service, potentially enabling further unauthenticated commands on standalone ...
Dec 8, 2021This vulnerability allows authenticated administrative users to send specially crafted configuration packets that execute arbitrary commands with syst...
Dec 8, 2021CVE-2021-23855 exposes user credentials through an unprotected web server resource in affected Bosch products. Attackers can retrieve weakly hashed pa...
Oct 4, 2021This vulnerability allows attackers to execute malicious scripts in users' browsers by tricking them into clicking specially crafted URLs. It affects ...
Oct 4, 2021This vulnerability allows unauthenticated attackers to access sensitive configuration data including user credentials and device information through u...
Oct 4, 2021This session hijacking vulnerability in Bosch B426/B429 configuration web pages allows attackers to take over authenticated user sessions. Affected sy...
Jun 18, 2021This critical vulnerability in Bosch IP cameras allows unauthenticated remote attackers to extract sensitive information or modify camera settings by ...
Jun 9, 2021This vulnerability in Bosch IP cameras allows attackers to inject arbitrary HTTP headers through specially crafted URLs due to improper input validati...
Jun 9, 2021This vulnerability allows unauthenticated attackers to access a limited subset of certificates stored in the Windows operating system through improper...
Feb 26, 2021This CVE involves hard-coded credentials in Bosch FSM server databases, allowing unauthenticated remote attackers to gain admin access. This can lead ...
Jan 26, 2021Why Monitor Bosch Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 28+ known vulnerabilities affecting Bosch products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Bosch packages in under 60 seconds. No agents required - completely agentless scanning that works across Bosch deployments.
Free vulnerability database: Access detailed information about every Bosch CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Bosch CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
