Vulnerabilities > Bosch > Building Integration System > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-19 CVE-2021-23843 Missing Authentication for Critical Function vulnerability in Bosch products
The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices.
local
low complexity
bosch CWE-306
4.6
2021-12-08 CVE-2021-23859 Improper Handling of Exceptional Conditions vulnerability in Bosch products
An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash.
network
low complexity
bosch CWE-755
5.0