Vulnerability Description
Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signing of the video stream) with option MD5, SHA-1 or SHA-256.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bosch | Cpp13 Firmware | < 8.48.0017 |
| Bosch | Autodome 7000I | - |
| Bosch | Autodome 7100 Ir | - |
| Bosch | Autodome Inteox 7000I | - |
| Bosch | Dinion Inteox 7100I Ir | - |
| Bosch | Flexidome Inteox 7100I Ir | - |
| Bosch | Mic Inteox 7100I | - |
| Bosch | Cpp14 Firmware | >= 8.50, < 8.80.0090 |
| Bosch | Dinion 7100I Ir | - |
| Bosch | Flexidome Indoor 5100I | - |
| Bosch | Flexidome Indoor 5100I Ir | - |
| Bosch | Flexidome Multi 7000I | - |
| Bosch | Flexidome Multi 7000I Ir | - |
| Bosch | Flexidome Outdoor 5100I | - |
| Bosch | Flexidome Outdoor 5100I Ir | - |
| Bosch | Flexidome Panoramic 5100I | - |
| Bosch | Flexidome Panoramic 5100I Ir | - |
Related Weaknesses (CWE)
References
- https://psirt.bosch.com/security-advisories/BOSCH-SA-435698-BT.htmlVendor Advisory
- https://psirt.bosch.com/security-advisories/BOSCH-SA-435698-BT.htmlVendor Advisory
FAQ
What is CVE-2023-32229?
CVE-2023-32229 is a vulnerability with a CVSS score of 4.9 (MEDIUM). Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signin...
How severe is CVE-2023-32229?
CVE-2023-32229 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-32229?
Check the references section above for vendor advisories and patch information. Affected products include: Bosch Cpp13 Firmware, Bosch Autodome 7000I, Bosch Autodome 7100 Ir, Bosch Autodome Inteox 7000I, Bosch Dinion Inteox 7100I Ir.