Recently, our analysts came across a critical vulnerability in Bosch IP cameras of families CPP13 and CPP14 (e.g. the Flexidome Panoramic 5100i that we saw). This flaw allows an authenticated user with administrative privileges to execute arbitrary commands within the camera’s operating system, potentially allowing for persistence and further traversal within the network.
Default or weak passwords and phishing attacks could enable the attackers to achieve administrative rights.
Updating the firmware as recommended by Bosch will address this issue. Further protect these devices by implementing strong security measures and maintaining a secure configuration environment. We also recommend regularly updating device firmware and applying security patches as they become available.
Otonata is fully committed to supporting you in your home environment, with your security as our highest priority. Should you encounter any issues or require assistance, please feel free to reach out to our support team.
Reference: CVE-2023-39509
