- Top Results
Possible damage of secure element in Bosch IP cameras
There is a Security Advisory on this topic.
Due to an error in the software interface to the secure element chip on the cameras, the chip can be permanently damaged. Leading to an unusable camera when enabling the Video Authentication options (signing of the video stream).
The default setting for this option is "off" and is protected from this error. Watermarking is a pure checksum that does not involve the Secure Element and thus does not need mitigation. This error is only applicable if set to one of the other
3 Video Authentication settings , MD5, SHA-1 or SHA-256.
Affected Firmware
- For Linux, the error was introduced in FW 8.50 and is in all FW until being fixed in FW 8.80, so the error also affects 8.51. 8.52, 8.60, 8.71 and 8.72.
- For Android, the error has been fixed in FW 8.48 and the error affects all earlier versions.
If the customer needs to activate the Stream security (Video Authentication) option.
-
- And they are using LINUX (CPP14) FW 8.80 or Android (CPP13) FW 8.48 or newer firmware.
- The software will protect the camera from damage and the customer can use 1 second signature interval.
- If the customer needs to use the affected firmware for CPP13 and CPP14 (listed above).
- The customer needs to follow the mitigation below to protect the camera from permanent damage.
- Once the camera is damaged it can not be recovered.
- The customer needs to follow the mitigation below to protect the camera from permanent damage.
- And they are using LINUX (CPP14) FW 8.80 or Android (CPP13) FW 8.48 or newer firmware.
Mitigation:
1. Look at the image above,
- Select Configuration
- Select Camera
- Select Display Stamping
- In the Stream security section
5 Video Authentication as you can see is set to OFF, this is the default setting for all cameras.
- If the customer has this set to OFF, the customer will not be affected by this bug.
2. Option #1:
- If the customer has selected either MD5, SHA-1, SHA-256 in Video Authentications (shown above in the picture)
- The default value for the signature interval is 1 seconds. Increasing the signature interval to 30 seconds will mitigate
the problem without decreasing security of the signing process. During verification process of the video it might take
longer for the signature to be verified. - If the customer upgrades to FW 8.80 (or newer), the interval can be set to 1 second again.
- The default value for the signature interval is 1 seconds. Increasing the signature interval to 30 seconds will mitigate
3. Option #2
- The best mitigation is using the default settings (Video Authentication set to OFF), but the video stream will no longer be signed.
- Watermarking does not use Secure Element so that would also be a safe mitigation.
- If the customer upgrades to FW 8.80 (or newer), as stated before the Video Authentication can be enabled again and the interval can be set to 1 second if needed.
