critical
10
CWE
119
Advisory Published
Updated

CVE-2018-19036: Buffer Overflow

First published: Mon Dec 17 2018(Updated: )

An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Bosch Common Product Platform 4 Firmware>=6.32
Bosch Autodome IP 4000 HD Firmware
Bosch Autodome IP 5000 HD Firmware
Bosch Autodome IP 5000 IR Firmware
Bosch Autodome IP 7000
Bosch Dinion HD 1080p
Bosch Dinion HD 1080p
Bosch Dinion HD 720p
Bosch Dinion Imager 9000 HD
Bosch Dinion IP 4000 HD Firmware
Bosch Dinion IP 5000 HD
Bosch Dinion IP 5000 MP
Bosch Dinion IP Bullet 4000
Bosch Dinion IP Bullet 5000
Bosch Dinion IP Starlight 7000 HD Firmware
Bosch Extegra Ip Dynamic 9000
Bosch Extegra Ip Starlight 9000
Bosch Flexidome Corner 9000 Mp Firmware
Bosch Flexidome HD 1080p
Bosch Vandal-proof Flexidome Hd 1080p Hdr
Bosch Vandal-proof Flexidome HD 720p Firmware
Bosch Flexidome IP Indoor 4000 HD
Bosch Flexidome IP Indoor 4000 IR
Bosch Flexidome IP Indoor 5000 HD
Bosch Flexidome IP Indoor 5000 MP Firmware
Bosch Flexidome IP Micro 2000 HD
Bosch Ip Micro 2000
Bosch Flexidome IP Micro 5000 HD
Bosch Flexidome IP Micro 5000 MP Firmware
Bosch Flexidome IP Outdoor 4000 HD Firmware
Bosch Flexidome IP Outdoor 4000 IR
Bosch Flexidome IP Outdoor 5000 HD Firmware
Bosch Flexidome IP Outdoor 5000 MP
Bosch Flexidome IP Panoramic 5000
Bosch IP 2000
Bosch IP 2000 HD
Bosch IP Bullet 4000 HD Firmware
Bosch Ip Bullet 5000 Hd Firmware
Bosch Mic IP Dynamic 7000
Bosch Mic Ip Starlight 7000 Firmware
Bosch Tinyon Ip 2000 Firmware
Bosch Vandal-proof Flexidome Hd 1080p Hdr
Bosch Vandal-proof Flexidome HD 1080p
Bosch Vandal-proof Flexidome HD 720p Firmware
Bosch Common Product Platform 6 Firmware>=6.32
Bosch Aviotec IP Starlight 8000 Firmware
Bosch Dinion IP Starlight 8000 12MP
Bosch Dinion IP Ultra 8000 12MP
Bosch Flexidome IP Panoramic 6000 12MP 180
Bosch Flexidome IP Panoramic 6000 12MP 180
Bosch Flexidome IP Panoramic 6000 12MP 360 IVA
Bosch Flexidome IP Panoramic 6000 12MP 360 IVA
Bosch Flexidome IP Panoramic 7000 12MP 180
Bosch Flexidome IP Panoramic 7000 12MP 180 IVA
Bosch Flexidome IP Panoramic 7000 12MP 360
Bosch Flexidome IP Panoramic 7000 12MP 360
Bosch Common Product Platform 7 Firmware>=6.32
Bosch Dinion IP Starlight 6000
Bosch Dinion IP Starlight 7000 HD
Bosch Dinion Ip Thermal 8000 Firmware
Bosch Flexidome IP Starlight 6000
Bosch Flexidome IP Starlight 7000
Bosch Cpp7.3 Firmware>=6.32
Bosch Autodome IP 4000i
Bosch Autodome IP 5000i
Bosch Autodome IP Starlight 5000i
Bosch Autodome IP Starlight 7000i
Bosch Dinion IP Bullet 4000i Firmware
Bosch Dinion IP Bullet 5000i Firmware
Bosch Dinion Ip Bullet 6000i Firmware
Bosch Flexidome IP 4000i
Bosch Flexidome IP 5000i
Bosch Mic IP Fusion 9000i Firmware
Bosch Mic IP Starlight 7000i

Remedy

https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2018-1202-bt-cve-2018-19036_security_advisory_ip_camera_vulnerability.pdf

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2018-19036?

    The severity of CVE-2018-19036 is rated as critical with a score of 9.8.

  • How can I fix the vulnerability in Bosch IP cameras with firmware versions 6.32 and higher (CVE-2018-19036)?

    To fix the vulnerability, it is recommended to apply the necessary security patches provided by Bosch as outlined in their security advisory.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203