18 matches found
CVE-2020-12039
Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...
EUVD-2014-5319
Malware in sbrugna...
EUVD-2014-5322
Malware in sbrugna...
EUVD-2020-4355
Malware in sbrugna...
EUVD-2014-5320
Malware in sbrugna...
EUVD-2014-5321
Malware in sbrugna...
CISA Releases Six Industrial Control Systems Advisories
CISA has released six 6 Industrial Control Systems ICS advisories on September 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for...
CVE-2020-12039
Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...
CVE-2020-12039
Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...
CVE-2020-12039
Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...
CVE-2020-12039
CVE-2020-12039 affects Baxter Sigma Spectrum Infusion System v6.x (35700BAX) and v8.x (35700BAX2); hard-coded passwords entered via keypad grant access to biomedical menus, including device settings, calibration values, and WBM network configuration. This is a local/physical-access issue with pub...
Unspecified Vulnerability in Baxter Sigma Spectrum Infusion System and Baxter Spectrum Infusion System
The Baxter Sigma Spectrum Infusion System and the Baxter Spectrum Infusion System are both infusion pumps from Baxter, Inc. A security vulnerability exists in the Baxter Sigma Spectrum Infusion System version 6.x model 35700BAX and the Baxter Spectrum Infusion System version 8.x model 35700BAX2,...
Baxter Sigma Spectrum Infusion Pumps (Update B)
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baxter Equipment: Sigma Spectrum Infusion Pumps Vulnerabilities: Use of Hard-coded Password, Cleartext Transmission of Sensitive Data, Incorrect Permission Assignment for Critical Resource, Operation on...
Hardcoded credentials
Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 contains a hard-coded password, which provides access to basic biomedical information, limited device settings, and network configuration of the WBM, if connected. The hard-coded password...
Design/Logic Flaw
An unauthenticated remote attacker may be able to execute commands to view wireless account credentials that are stored in cleartext on Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16, which may allow an attacker to gain access the hos...
Command injection
Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 is remotely accessible via Port 22/SSH without authentication. A remote attacker may be able to make unauthorized configuration changes to the WBM, as well as issue commands to access...
CVE-2014-5434
Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 has a default account with hard-coded credentials used with the FTP protocol. Baxter asserts no files can be transferred to or from the WBM using this account. Baxter has released a new...
CVE-2014-5433
An unauthenticated remote attacker may be able to execute commands to view wireless account credentials that are stored in cleartext on Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16, which may allow an attacker to gain access the hos...