An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle attacks.
Weakness
The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Building_integration_system_video_engine | Bosch | * | 5.0.1 (including) |