critical
10
CWE
119
Advisory Published
Updated

CVE-2018-19036: Buffer Overflow

First published: Mon Dec 17 2018(Updated: )

An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Bosch Common Product Platform 4 Firmware>=6.32
Bosch Autodome Ip 4000 Hd
Bosch Autodome Ip 5000 Hd
Bosch Autodome Ip 5000 Ir
Bosch Autodome Ip 7000
Bosch Dinion Hd 1080p
Bosch Dinion Hd 1080p Hdr
Bosch Dinion Hd 720p
Bosch Dinion Imager 9000 Hd
Bosch Dinion Ip 4000 Hd
Bosch Dinion Ip 5000 Hd
Bosch Dinion Ip 5000 Mp
Bosch Dinion Ip Bullet 4000
Bosch Dinion Ip Bullet 5000
Bosch Dinion Ip Starlight 7000 Hd
Bosch Extegra Ip Dynamic 9000
Bosch Extegra Ip Starlight 9000
Bosch Flexidome Corner 9000 Mp
Bosch Flexidome Hd 1080p
Bosch Flexidome Hd 1080p Hdr
Bosch Flexidome Hd 720p
Bosch Flexidome Ip Indoor 4000 Hd
Bosch Flexidome Ip Indoor 4000 Ir
Bosch Flexidome Ip Indoor 5000 Hd
Bosch Flexidome Ip Indoor 5000 Mp
Bosch Flexidome Ip Micro 2000 Hd
Bosch Flexidome Ip Micro 2000 Ip
Bosch Flexidome Ip Micro 5000 Hd
Bosch Flexidome Ip Micro 5000 Mp
Bosch Flexidome Ip Outdoor 4000 Hd
Bosch Flexidome Ip Outdoor 4000 Ir
Bosch Flexidome Ip Outdoor 5000 Hd
Bosch Flexidome Ip Outdoor 5000 Mp
Bosch Flexidome Ip Panormic 5000
Bosch Ip 2000
Bosch Ip 2000 Hd
Bosch Ip Bullet 4000 Hd
Bosch Ip Bullet 5000 Hd
Bosch Mic Ip Dynamic 7000
Bosch Mic Ip Starlight 7000
Bosch Tinyon Ip 2000
Bosch Vandal-proof Flexidome Hd 1080p
Bosch Vandal-proof Flexidome Hd 1080p Hdr
Bosch Vandal-proof Flexidome Hd 720p
Bosch Common Product Platform 6 Firmware>=6.32
Bosch Aviotec Ip Starlight 8000
Bosch Dinion Ip Starlight 8000 12mp
Bosch Dinion Ip Ultra 8000 12mp
Bosch Flexidome Ip Panoramic 6000 12mp 180
Bosch Flexidome Ip Panoramic 6000 12mp 180 Iva
Bosch Flexidome Ip Panoramic 6000 12mp 360
Bosch Flexidome Ip Panoramic 6000 12mp 360 Iva
Bosch Flexidome Ip Panoramic 7000 12mp 180
Bosch Flexidome Ip Panoramic 7000 12mp 180 Iva
Bosch Flexidome Ip Panoramic 7000 12mp 360
Bosch Flexidome Ip Panoramic 7000 12mp 360 Iva
Bosch Common Product Platform 7 Firmware>=6.32
Bosch Dinion Ip Starlight 6000
Bosch Dinion Ip Starlight 7000
Bosch Dinion Ip Thermal 8000
Bosch Flexidome Ip Starlight 6000
Bosch Flexidome Ip Starlight 7000
Bosch Common Product Platform 7.3 Firmware>=6.32
Bosch Autodome Ip 4000i
Bosch Autodome Ip 5000i
Bosch Autodome Ip Starlight 5000i
Bosch Autodome Ip Starlight 7000i
Bosch Dinion Ip Bullet 4000i
Bosch Dinion Ip Bullet 5000i
Bosch Dinion Ip Bullet 6000i
Bosch Flexidome Ip 4000i
Bosch Flexidome Ip 5000i
Bosch Mic Ip Fusion 9000i
Bosch Mic Ip Starlight 7000i

Remedy

https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2018-1202-bt-cve-2018-19036_security_advisory_ip_camera_vulnerability.pdf

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2018-19036?

    The severity of CVE-2018-19036 is rated as critical with a score of 9.8.

  • How can I fix the vulnerability in Bosch IP cameras with firmware versions 6.32 and higher (CVE-2018-19036)?

    To fix the vulnerability, it is recommended to apply the necessary security patches provided by Bosch as outlined in their security advisory.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203