Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-0888
HistoryMar 13, 2023 - 9:15 a.m.

Design/Logic Flaw

2023-03-1309:15:00
PRIOn knowledge base
www.prio-n.com
6
improper neutralization of directives
dynamically evaluated code
wifi battery
root access
infusion pump communication

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.4%

JSON

An improper neutralization of directives in dynamically evaluated code vulnerability in the WiFi Battery embedded web server in versions L90/U70 and L92/U92 can be used to gain administrative access to the WiFi communication module. An authenticated user, having access to both the medical device WiFi network (such as a biomedical engineering staff member) and the specific B.Braun Battery Pack SP with WiFi web server credentials, could get administrative (root) access on the infusion pump communication module. This could be used as a vector to start further attacks

Related

ics 1
cvelist 1
nvd 1
cve 1
ics
ics
B. Braun Battery Pack SP with Wi-Fi
2023-04-13 12:00:00
cvelist
cvelist
CVE-2023-0888 Authenticated eval injection in B. Braun Space Battery pack SP with Wi-Fi
2023-03-13 08:14:32
nvd
nvd
CVE-2023-0888
2023-03-13 09:15:10
cve
cve
CVE-2023-0888
2023-03-13 09:15:10

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.4%

JSON
Related for PRION:CVE-2023-0888
ics1cvelist1nvd1cve1