Lucene search
K

209 matches found

ICS
ICS
added 2020/06/18 12:0 a.m.129 views

Baxter Sigma Spectrum Infusion Pumps (Update B)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baxter Equipment: Sigma Spectrum Infusion Pumps Vulnerabilities: Use of Hard-coded Password, Cleartext Transmission of Sensitive Data, Incorrect Permission Assignment for Critical Resource, Operation on...

9.8CVSS7.9AI score0.02081EPSS
Exploits1References5
ICS
ICS
added 2020/06/18 12:0 a.m.37 views

Baxter PrismaFlex and PrisMax (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Baxter Equipment: PrismaFlex and PrisMax Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Authentication, Use of Hard-Coded Password 2. UPDATE INFORMATION This updated...

7.5CVSS7.2AI score0.00496EPSS
Exploits0References5
ICS
ICS
added 2020/06/18 12:0 a.m.149 views

Baxter ExactaMix (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Baxter Equipment: Baxter ExactaMix EM 2400 & EM 1200 Vulnerabilities: Use of Hard-coded Password, Cleartext Transmission of Sensitive Data, Missing Encryption of Sensitive Data, Improper Access...

10CVSS9.3AI score0.93307EPSS
Exploits47References5
Prion
Prion
added 2019/03/26 4:29 p.m.18 views

Hardcoded credentials

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 contains a hard-coded password, which provides access to basic biomedical information, limited device settings, and network configuration of the WBM, if connected. The hard-coded password...

4.6CVSS6.9AI score0.00378EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/03/26 4:29 p.m.17 views

Design/Logic Flaw

An unauthenticated remote attacker may be able to execute commands to view wireless account credentials that are stored in cleartext on Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16, which may allow an attacker to gain access the hos...

7.5CVSS7.7AI score0.02062EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/03/26 4:29 p.m.22 views

CVE-2014-5431

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 contains a hard-coded password, which provides access to basic biomedical information, limited device settings, and network configuration of the WBM, if connected. The hard-coded password...

6.8CVSS7.3AI score0.00378EPSS
Exploits0References1
NVD
NVD
added 2019/03/26 4:29 p.m.23 views

CVE-2014-5433

An unauthenticated remote attacker may be able to execute commands to view wireless account credentials that are stored in cleartext on Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16, which may allow an attacker to gain access the hos...

9.8CVSS9.9AI score0.02062EPSS
Exploits0References1
Prion
Prion
added 2019/03/26 4:29 p.m.18 views

Command injection

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 is remotely accessible via Port 22/SSH without authentication. A remote attacker may be able to make unauthorized configuration changes to the WBM, as well as issue commands to access...

7.5CVSS7.3AI score0.02573EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/03/26 4:29 p.m.15 views

CVE-2014-5432

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 is remotely accessible via Port 22/SSH without authentication. A remote attacker may be able to make unauthorized configuration changes to the WBM, as well as issue commands to access...

9.8CVSS9.6AI score0.02573EPSS
Exploits0References1
CVE
CVE
added 2019/03/26 3:37 p.m.54 views

CVE-2014-5431

CVE-2014-5431 affects Baxter SIGMA Spectrum Infusion System 6.05 with Wireless Battery Module 16. The issue is a hard-coded password that grants access to WBM management functions, enabling unauthorized configuration changes (e.g., wireless status and phase-complete audible alarm). The vulnerabil...

6.8CVSS6.5AI score0.00378EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/26 3:37 p.m.18 views

CVE-2014-5431

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 contains a hard-coded password, which provides access to basic biomedical information, limited device settings, and network configuration of the WBM, if connected. The hard-coded password...

6.9AI score0.00378EPSS
Exploits0References1
NVD
NVD
added 2019/03/26 3:29 p.m.23 views

CVE-2014-5434

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 has a default account with hard-coded credentials used with the FTP protocol. Baxter asserts no files can be transferred to or from the WBM using this account. Baxter has released a new...

9.8CVSS9.6AI score0.0156EPSS
Exploits0References1
Prion
Prion
added 2019/03/26 3:29 p.m.19 views

Hardcoded credentials

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 has a default account with hard-coded credentials used with the FTP protocol. Baxter asserts no files can be transferred to or from the WBM using this account. Baxter has released a new...

5CVSS7AI score0.0156EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/03/26 3:17 p.m.47 views

CVE-2014-5432

CVE-2014-5432 affects Baxter SIGMA Spectrum Infusion System v6.05 (model 35700BAX) with Wireless Battery Module (WBM) v16. The root cause includes unauthenticated remote SSH access (Port 22) and related credential exposure. Consequences: remote attacker could modify WBM configuration and retrieve...

9.8CVSS9.3AI score0.02573EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/26 3:17 p.m.18 views

CVE-2014-5432

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 is remotely accessible via Port 22/SSH without authentication. A remote attacker may be able to make unauthorized configuration changes to the WBM, as well as issue commands to access...

9.6AI score0.02573EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/03/26 3:7 p.m.18 views

CVE-2014-5433

An unauthenticated remote attacker may be able to execute commands to view wireless account credentials that are stored in cleartext on Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16, which may allow an attacker to gain access the hos...

9.9AI score0.02062EPSS
Exploits0References1
CVE
CVE
added 2019/03/26 3:7 p.m.56 views

CVE-2014-5433

CVE-2014-5433 affects Baxter’s SIGMA Spectrum Infusion System (Version 6.05, model 35700BAX) with the Wireless Battery Module (WBM) Version 16. The connected disclosures describe multiple issues: a hard-coded password enabling unauthorized management access (CWE-259), an authentication bypass tie...

9.8CVSS9.7AI score0.02062EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/26 2:59 p.m.20 views

CVE-2014-5434

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 has a default account with hard-coded credentials used with the FTP protocol. Baxter asserts no files can be transferred to or from the WBM using this account. Baxter has released a new...

9.6AI score0.0156EPSS
Exploits0References1
CVE
CVE
added 2019/03/26 2:59 p.m.42 views

CVE-2014-5434

The CVE-2014-5434 entry concerns Baxter’s SIGMA Spectrum Infusion System: version 6.05 (model 35700BAX) with Wireless Battery Module (WBM) version 16, which contains a default, hard-coded credential used with FTP. The vulnerability allows remote access in some vectors (three vulnerabilities remot...

9.8CVSS9.3AI score0.0156EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/11/06 12:0 a.m.4 views

Baxter SIGMA Spectrum Infusion System Local Security Bypass Vulnerability

The Baxter SIGMA Spectrum Infusion System is an intelligent infusion system from Baxter. A local security bypass vulnerability exists in the Baxter SIGMA Spectrum Infusion System. A local attacker could use this vulnerability to bypass security restrictions and perform unauthorized operations...

6.8CVSS6.6AI score0.00378EPSS
Exploits0References1
Rows per page
Query Builder