CVE-2023-35867: Mitigation Strategies for Bosch BT Software Vulnerability

Published on: 08-03-2024 By Soc Team

Overview of CVE-2023-35867

CVE-2023-35867 identifies a security vulnerability affecting a range of Bosch BT software products. It arises from improper handling of malformed API answer packets sent to API clients and can result in a Denial of Service (DoS). The attack can be carried out by an unauthenticated attacker who manages to replace an existing API server, for example through a Man-in-the-Middle (MitM) attack.

Affected Products

Several Bosch software products are vulnerable, specifically:

  • BVMS: All versions less than or equal to 12.0.0
  • BVMS Viewer: All versions less than or equal to 12.0.0
  • Configuration Manager: All versions less than or equal to 7.62
  • DIVAR IP Series: All versions of various models less than or equal to 12.0.0
  • Project Assistant: All versions less than or equal to 2.3
  • Video Security Client: All versions less than or equal to 3.3.5
  • BIS Video Engine: All versions less than or equal to 5.0.1
  • Intelligent Insights: All versions less than or equal to 1.0.3.14
  • ONVIF Camera Event Driver Tool: All versions less than or equal to 2.0.0.8
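
As an added example (not from Bosch or the original post), the Python below triages an asset inventory against the version ceilings listed above. It assumes versions are dotted numeric strings compared component by component; the host names and installed versions are constructed sample data, and the function names are hypothetical.

```python
# Product -> highest affected version, copied from the list on this page.
AFFECTED_MAX = {
    "BVMS": "12.0.0", "BVMS Viewer": "12.0.0",
    "Configuration Manager": "7.62", "DIVAR IP Series": "12.0.0",
    "Project Assistant": "2.3", "Video Security Client": "3.3.5",
    "BIS Video Engine": "5.0.1", "Intelligent Insights": "1.0.3.14",
    "ONVIF Camera Event Driver Tool": "2.0.0.8",
}


def parse_version(text):
    """Turn '1.0.3.14' into (1, 0, 3, 14); raise ValueError on anything else."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def version_le(a, b):
    """True if a <= b after zero-padding the shorter tuple (2.3 == 2.3.0)."""
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)) <= b + (0,) * (n - len(b))


def classify(product, version):
    """Return 'affected', 'not_affected' or 'unknown' for one inventory row."""
    by_name = {name.lower(): ceiling for name, ceiling in AFFECTED_MAX.items()}
    ceiling = by_name.get(product.strip().lower())
    if ceiling is None:
        return "unknown"  # product is not in the advisory list
    try:
        installed = parse_version(version)
    except ValueError:
        return "unknown"  # unparseable version string: review manually
    return "affected" if version_le(installed, parse_version(ceiling)) else "not_affected"


# Constructed sample inventory (hypothetical hosts and installed versions).
SAMPLE_INVENTORY = [
    ("vms-01", "BVMS", "11.1.1"),
    ("cfg-01", "Configuration Manager", "7.70"),
    ("ii-01", "intelligent insights", "1.0.3.2"),
    ("ws-07", "Video Security Client", "3.3.5-beta"),
]

if __name__ == "__main__":
    for host, product, version in SAMPLE_INVENTORY:
        print(f"{host:8} {product:24} {version:12} {classify(product, version)}")
```

Rows reported as "unknown" are either products outside the list or version strings that need manual review, so they should not be read as safe.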

Vulnerability Impact

The vulnerability allows an attacker to disrupt the availability of the affected systems. It has a base score of 5.9 on the CVSS v3.1 scale, which is rated as medium severity. However, the potential for a high impact on availability makes it imperative for organizations using these products to address the vulnerability immediately.

Mitigation Strategies

To mitigate the risk posed by CVE-2023-35867, organizations should adopt the following strategies:

  • Select and Implement Patches: Update all Bosch software products to the latest versions. Bosch has provided patches that address the vulnerability, and it is critical to ensure that every system running the affected software is updated without delay.
  • Network Configuration: Limit exposure by configuring network security measures, such as firewalls, to restrict access to the affected services from untrusted networks. Proper segmentation can significantly reduce risk.
  • API Authentication: Implement strong authentication for API calls to mitigate the risk of MitM attacks. Authentication mechanisms ensure that only authorized systems can communicate with the API services.
  • Regular Monitoring: Establish a monitoring protocol for API activities and network traffic. This enables the quick detection of anomalies that may indicate an attempted attack.
  • Security Policies: Review and enforce organizational security policies that address API security. Training staff on the importance of following security guidelines is essential.

Conclusion

Vulnerabilities like CVE-2023-35867 underscore the critical need for robust security practices in software management. Unmitigated risks can lead to significant operational disruptions, which makes prompt action imperative.


For further information and updates regarding this vulnerability, refer to the Bosch security advisory.