14 matches found
CVE-2020-12048
Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption e.g., TLS/SSL when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. An attacker wi...
CVE-2020-12037
Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...
EUVD-2020-4353
Malware in sbrugna...
EUVD-2020-4352
Malware in sbrugna...
CVE-2020-12036
Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...
CVE-2020-12037
Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...
CVE-2020-12048
Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption e.g., TLS/SSL when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. An attacker wi...
CVE-2020-12036
Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...
Design/Logic Flaw
Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...
Design/Logic Flaw
Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption e.g., TLS/SSL when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. An attacker wi...
Design/Logic Flaw
Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...
CVE-2020-12037
Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...
CVE-2020-12048
CVE-2020-12048 affects Baxter’s Phoenix Hemodialysis Delivery System software versions 3.36 and 3.40. The vulnerability is cleartext transmission of sensitive data (CWE-319): the system does not support data-in-transit encryption (e.g., TLS/SSL) when sending treatment and prescription data over t...
CVE-2020-12048
Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption e.g., TLS/SSL when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. An attacker wi...