3819 matches found
CVE-2020-12012
CVE-2020-12012 affects Baxter ExactaMix EM2400 and EM1200 systems (versions listed in connected documents). The root cause is hard-coded administrative credentials in the ExactaMix application, enabling an attacker with physical access to view/update system configuration and data, potentially exp...
CVE-2020-12016
Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 have hard-coded administrative account...
CVE-2020-12016
CVE-2020-12016 affects Baxter ExactaMix EM2400 (versions 1.10, 1.11, 1.13, 1.14) and EM1200 (versions 1.1, 1.2, 1.4, 1.5). The root cause is hard-coded administrative credentials in the ExactaMix operating system, enabling an attacker with network access to gain unauthorized system access and pot...
CVE-2020-12045
CVE-2020-12045 affects Baxter Spectrum WBM when used with Baxter Spectrum v8.x; the WBM runs a Telnet service on port 1023 with hard-coded credentials. Connected sources document a Telnet exposure tied to WBM/Spectrum configurations and assign high/severe CVSS values (up to 9.8) for this vulnerab...
CVE-2020-12045
The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24 when used in conjunction with a Baxter Spectrum v8.x model 35700BAX2, operates a Telnet service on Port 1023 with hard-coded credentials...
CVE-2020-12047
CVE-2020-12047 affects Baxter Spectrum WBM when used with Spectrum v8.x (model 35700BAX2) in factory-default wireless config; the WBM enables an FTP service with hard-coded credentials (versions v17, v20D29–v20D32, v22D24). Root cause: hard-coded credentials enabling FTP access. Impact per source...
Baxter ExactaMix EM2400 and ExactaMix EM1200 Trust Management Issues Vulnerability
The Baxter ExactaMix EM2400 and ExactaMix EM1200 are both automated drug mixing systems from Baxter. A trust management issue vulnerability exists in the Baxter ExactaMix EM2400 and ExactaMix EM1200, which stems from hard-coded credentials used in the admin account of the ExactaMix operating...
Baxter ExactaMix EM2400 and ExactaMix EM1200 Trust Management Issues Vulnerability (CNVD-2021-21074)
The Baxter ExactaMix EM2400 and ExactaMix EM1200 are both automated drug mixing systems from Baxter. A trust management issue vulnerability exists in the Baxter ExactaMix EM2400 and ExactaMix EM1200, which stems from the ExactaMix application's use of hard-coded administrative account credentials...
Baxter Spectrum WBM Trust Management Issues Vulnerability
The Baxter WBM and Baxter Spectrum are both products of Baxter, Inc.The Baxter WBM is a wireless battery module for use with Baxter products.The Baxter Spectrum is an infusion pump. The WBM used in the Baxter Spectrum has a security vulnerability that can be exploited by an attacker to run Telnet...
Schneider Electric Unity Loader and OS Loader Software Trust Management Issues Vulnerability
Schneider Electric Unity Loader and OS Loader Software are both products of Schneider Electric, France.Unity Loader is a data exchange utility program.OS Loader Software is a system loading utility program. A trust management issue vulnerability exists in Schneider Electric Unity Loader and OS...
CVE-2020-7501
A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic V1.1 HotFix 16 and prior and Vijeo Designer V6.2 SP9 and prior which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and Vijeo Designer...
CVE-2020-7501
A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic V1.1 HotFix 16 and prior and Vijeo Designer V6.2 SP9 and prior which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and Vijeo Designer...
CVE-2020-7498
A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software all versions. The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file...
Hardcoded credentials
A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software all versions. The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file...
Hardcoded credentials
A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic V1.1 HotFix 16 and prior and Vijeo Designer V6.2 SP9 and prior which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and Vijeo Designer...
CVE-2020-7501
CVE-2020-7501 affects Schneider Electric’s Vijeo Designer Basic (V1.1 HotFix 16 and earlier) and Vijeo Designer (V6.2 SP9 and earlier). The vulnerability is a CWE-798 hard-coded credentials issue that could enable unauthorized read and write during project or firmware download/upload operations i...
CVE-2020-7501
A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic V1.1 HotFix 16 and prior and Vijeo Designer V6.2 SP9 and prior which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and Vijeo Designer...
CVE-2020-7498
A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software all versions. The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file...
CVE-2020-7498
The CVE-2020-7498 entry concerns Schneider Electric Unity Loader and OS Loader Software (all versions) with a CWE-798 issue: the use of hard-coded credentials to simplify file transfers. This root cause means an attacker could potentially gain unauthorized access to the file transfer service used...
Security Bulletin: IBM Spectrum Protect Plus is vulnerable to authentication bypass (CVE-2020-4216)
Summary IBM Spectrum Protect Plus is vulnerable to authentication bypass due to use of hard-coded credentials. Vulnerability Details CVEID: CVE-2020-4216 DESCRIPTION: IBM Spectrum Protect Plus contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own...