24 matches found
CVE-2021-33882
A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to reconfigure the device from an unknown source because of lack of authentication on proprietary networking commands...
EUVD-2021-20555
Malware in sbrugna...
EUVD-2021-20559
Malware in sbrugna...
CVE-2021-33884
An Unrestricted Upload of File with Dangerous Type vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows remote attackers to upload any files to the /tmp directory of the device through the webpage API. This can result in critical files being overwritten...
B. Braun SpaceCom2 has an unspecified vulnerability
B. Braun SpaceCom2, a hardware device from B. Braun, is used to connect to external devices to record data in a patient data management system, PC or USB memory stick.A security vulnerability exists in previous versions of B. Braun SpaceCom2 012U000062, which stems from the fact that publicly...
B. Braun SpaceCom2 input validation error vulnerability
B. Braun SpaceCom2, a hardware device from B. Braun, is used to connect to an external device to record data in a patient data management system, PC, or USB memory stick. A remote, unauthenticated attacker could use this vulnerability to gain user-level command-line access by passing a raw extern...
CVE-2021-33886
An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to gain user-level command-line access by passing a raw external string straight through to printf statements. The attacker is required to be on the same network as t...
CVE-2021-33885
An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to send the device malicious data that will be used in place of the correct data. This results in full system command access and execution because of...
CVE-2021-33883
A Cleartext Transmission of Sensitive Information vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to obtain sensitive information by snooping on the network traffic. The exposed data includes critical values for a pump's internal configuration...
CVE-2021-33882
A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to reconfigure the device from an unknown source because of lack of authentication on proprietary networking commands...
Design/Logic Flaw
An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to send the device malicious data that will be used in place of the correct data. This results in full system command access and execution because of...
Unrestricted file upload
An Unrestricted Upload of File with Dangerous Type vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows remote attackers to upload any files to the /tmp directory of the device through the webpage API. This can result in critical files being overwritten...
Authentication flaw
A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to reconfigure the device from an unknown source because of lack of authentication on proprietary networking commands...
Design/Logic Flaw
A Cleartext Transmission of Sensitive Information vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to obtain sensitive information by snooping on the network traffic. The exposed data includes critical values for a pump's internal configuration...
CVE-2021-33886
CVE-2021-33886 describes an Improper Input Sanitization in B. Braun SpaceCom2, allowing remote, unauthenticated attackers on the same network to gain user-level command-line access by passing a raw string to printf. The vulnerability is tied to SpaceCom2 before 012U000062. Connected sources (Red ...
CVE-2021-33885
An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to send the device malicious data that will be used in place of the correct data. This results in full system command access and execution because of...
CVE-2021-33884
An Unrestricted Upload of File with Dangerous Type vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows remote attackers to upload any files to the /tmp directory of the device through the webpage API. This can result in critical files being overwritten...
CVE-2021-33884
CVE-2021-33884 affects B. Braun SpaceCom2 prior to 012U000062 and allows unrestricted upload of files to the device’s /tmp directory via the web API, potentially overwriting critical files. Connected sources also describe mitigations: B. Braun patches (012U000062+ in SpaceCom2) and related adviso...
CVE-2021-33883
A Cleartext Transmission of Sensitive Information vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to obtain sensitive information by snooping on the network traffic. The exposed data includes critical values for a pump's internal configuration...
CVE-2021-33883
CVE-2021-33883 affects B. Braun SpaceCom2 prior to 012U000062, exposing a cleartext transmission vulnerability that allows remote attackers to snoop network traffic and obtain sensitive data, including pump internal configuration values. Connected documents also describe related issues in SpaceCo...