CVE-2024-33618
Received Received - Intake
Uncontrolled Resource Consumption in Bosch VMS Central Server

Publication date: 2026-04-15

Last updated on: 2026-04-15

Assigner: Robert Bosch GmbH

Description
Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-15
Last Modified
2026-04-15
Generated
2026-06-16
AI Q&A
2026-04-15
EPSS Evaluated
2026-06-15
NVD
CVE-2024-33618
EUVD
EUVD-2024-55542
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
bosch bosch_vms From 6.0 (inc) to 12.0.1 (inc)
bosch bosch_bvms_viewer From 8.0 (inc) to 12.0.1 (inc)
bosch divar_ip_all_in_one to 12.0.1 (inc)
bosch divar_ip_7000_series to 12.0.1 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The CVE-2024-33618 vulnerability affects Bosch VMS Central Server and related products, causing uncontrolled resource consumption that leads to excessive disk space usage.

This vulnerability allows attackers to consume large amounts of disk space via the network interface without requiring any privileges or user interaction.

It is classified as CWE-400 (Uncontrolled Resource Consumption) and has a high severity score of 7.5 according to CVSS v3.1.

Impact Analysis

This vulnerability can severely impact system availability and performance by preventing new data storage, request processing, and essential system functions.

Excessive disk space consumption may lead to system crashes and data loss.

Compliance Impact

Users are responsible for timely installation of updates to maintain security and compliance with relevant EU directives.

Failure to address this vulnerability could impact compliance by risking system availability and data integrity, which are important aspects of standards like GDPR and HIPAA.

Detection Guidance

The vulnerability causes uncontrolled resource consumption leading to excessive disk space usage on Bosch VMS Central Server and related products.

Detection involves monitoring the Bosch VMS Central Server for abnormal resource usage, especially disk space consumption.

Recommended detection methods include network segmentation, segregation, monitoring, log review, and setting up automated alerts for unusual disk space usage.

Specific commands are not provided in the advisory, but typical commands to check disk usage on affected systems could include standard OS commands such as 'df -h' on Linux or 'Get-PSDrive' in PowerShell on Windows to monitor disk space.

Mitigation Strategies

Immediate mitigation involves promptly updating affected Bosch VMS software to the fixed versions provided in the advisory.

  • Apply specific patches such as BVMS1201375_Patch_CCBlackCamSSH for BVMS and BVMS Viewer.
  • Install BVMS_12.0.1_Updates_SystemManager_package_1.2.zip for DIVAR IP devices.

Additionally, implement network security measures including network segmentation, segregation, monitoring, and log review to detect and prevent exploitation.

Timely installation of updates is critical to maintain security and compliance with relevant EU directives.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2024-33618. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart