64 matches found
CVE-2020-12043
The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24 when configured for wireless networking the FTP service operating on the WBM remains operational until the WBM is rebooted...
CVE-2020-12047
The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24, when used with a Baxter Spectrum v8.x model 35700BAX2 in a factory-default wireless configuration enables an FTP service with hard-coded credentials...
EUVD-2020-4363
Malware in sbrugna...
EUVD-2020-4357
Malware in sbrugna...
EUVD-2020-4361
Malware in sbrugna...
EUVD-2020-4359
Malware in sbrugna...
EUVD-2022-30952
Malicious code in bioql PyPI...
EUVD-2022-30953
Malicious code in bioql PyPI...
EUVD-2022-30949
Malicious code in bioql PyPI...
EUVD-2022-30951
Malicious code in bioql PyPI...
CVE-2020-12045
The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24 when used in conjunction with a Baxter Spectrum v8.x model 35700BAX2, operates a Telnet service on Port 1023 with hard-coded credentials...
CVE-2022-26392
The Baxter Spectrum WBM v16, v16D38 and Baxter Spectrum WBM v17, v17D19, v20D29 to v20D32 when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information...
CVE-2022-26393
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service DoS on the WBM...
CVE-2022-26394
The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host. This may allow an attacker to perform a man in the middle attack that modifies parameters making the network connection fail...
CVE-2022-26390
The Baxter Spectrum Wireless Battery Module WBM stores network credentials and PHI only applicable to Spectrum IQ pumps using auto programming in unencrypted form. An attacker with physical access to a device that hasn't had all data and settings erased may be able to extract sensitive informatio...
CVE-2022-26390
The Baxter Spectrum Wireless Battery Module WBM stores network credentials and PHI only applicable to Spectrum IQ pumps using auto programming in unencrypted form. An attacker with physical access to a device that hasn't had all data and settings erased may be able to extract sensitive informatio...
CVE-2022-26394
The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host. This may allow an attacker to perform a man in the middle attack that modifies parameters making the network connection fail...
CVE-2022-26392
The Baxter Spectrum WBM v16, v16D38 and Baxter Spectrum WBM v17, v17D19, v20D29 to v20D32 when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information...
Format string
The Baxter Spectrum WBM v16, v16D38 and Baxter Spectrum WBM v17, v17D19, v20D29 to v20D32 when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information...
Authentication flaw
The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host. This may allow an attacker to perform a man in the middle attack that modifies parameters making the network connection fail...