Published On: May 17, 2024 14:21
Advisory No: TZCERT/SA/2024/05/17-5
Source: Bosch
Software Affected: Bosch Praesensa Logging Application, Bosch Praesideo Logging Application, and Bosch Praesideo PC Call Station
Advisory No: TZCERT/SA/2024/05/17-5
Date of First Release: 17th May 2024
Source: Bosch
Software Affected: Bosch Praesensa Logging Application, Bosch Praesideo Logging Application, and Bosch Praesideo PC Call Station
Overview:
Three Bosch are vulnerable to a critical vulnerability. The attackers can leverage the vulnerability to execute arbitrary code on the server machine.
Description:
The critical vulnerability rated at 9.8 and tracked as CVE-2024-25104 is affecting Bosch Praesensa Logging Application, Bosch Praesideo Logging Application, and Bosch Praesideo PC Call Station. The weakness is caused by missing a security tactic during the architecture and design phase. Attackers can exploit the vulnerability to execute remote code on the server machine.
Impact:
Successful exploitation of this vulnerability may allow an attacker to take control of affected system.
Solution:
Bosch has released security patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.
References:
A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.
