What is CVE-2021-23847?

CVE-2021-23847 is a vulnerability in Bosch IP cameras that allows an unauthenticated remote attacker to extract sensitive information or change camera settings.

What is the severity of CVE-2021-23847?

CVE-2021-23847 has a severity rating of 9.1 (Critical).

Which devices are affected by CVE-2021-23847?

Devices of the CPP6, CPP7, and CPP7.3 family with firmware versions 7.70, 7.72, and 7.80 are affected.

How can an attacker exploit CVE-2021-23847?

An attacker can exploit CVE-2021-23847 by sending crafted requests to the vulnerable device.

Where can I find more information about CVE-2021-23847?

You can find more information about CVE-2021-23847 in the Bosch Security Advisories at the following link: [https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html](https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html)

Vulnerability/
CVE-2021-23847

critical

9.8

CWE

306 287

9/6/2021

22/6/2021

CVE-2021-23847

First published: Wed Jun 09 2021(Updated: )

Credit: psirt@bosch.com

Affected Software	Affected Version	How to fix
Bosch Cpp6 Firmware	>=7.80<7.80.0129
Bosch Cpp6 Firmware	=7.70
Bosch Cpp6 Firmware	=7.72
Bosch Cpp6
Bosch Cpp7 Firmware	>=7.80<7.80.0129
Bosch Cpp7 Firmware	=7.70
Bosch Cpp7 Firmware	=7.72
Bosch Cpp7
Bosch Cpp7.3 Firmware	>=7.80<7.80.0129
Bosch Cpp7.3 Firmware	=7.70
Bosch Cpp7.3 Firmware	=7.72
Bosch Cpp7.3

Never miss a vulnerability like this again

Reference Links

https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html

Frequently Asked Questions

What is CVE-2021-23847?
CVE-2021-23847 is a vulnerability in Bosch IP cameras that allows an unauthenticated remote attacker to extract sensitive information or change camera settings.
What is the severity of CVE-2021-23847?
CVE-2021-23847 has a severity rating of 9.1 (Critical).
Which devices are affected by CVE-2021-23847?
Devices of the CPP6, CPP7, and CPP7.3 family with firmware versions 7.70, 7.72, and 7.80 are affected.
How can an attacker exploit CVE-2021-23847?
An attacker can exploit CVE-2021-23847 by sending crafted requests to the vulnerable device.
Where can I find more information about CVE-2021-23847?
You can find more information about CVE-2021-23847 in the Bosch Security Advisories at the following link: [https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html](https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html)

collector/nvd-index
vendor/bosch
canonical/bosch cpp6 firmware
version/bosch cpp6 firmware/7.80
version/bosch cpp6 firmware/7.70
version/bosch cpp6 firmware/7.72
canonical/bosch cpp6
canonical/bosch cpp7 firmware
version/bosch cpp7 firmware/7.80
version/bosch cpp7 firmware/7.70
version/bosch cpp7 firmware/7.72
canonical/bosch cpp7
canonical/bosch cpp7.3 firmware
version/bosch cpp7.3 firmware/7.80
version/bosch cpp7.3 firmware/7.70
version/bosch cpp7.3 firmware/7.72
canonical/bosch cpp7.3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.