CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8066 matches found

NVD•added 2020/06/29 2:15 p.m.•9 views

CVE-2020-12035

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The PrismaFlex device contains a hard-coded service password that provides access to biomedical information, device settings, calibration settings, and network configuration. This could allow an attacker to modify device settings...

4.9CVSS0.00247EPSS

Exploits0References2

NVD•added 2020/06/29 2:15 p.m.•24 views

CVE-2020-12047

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24, when used with a Baxter Spectrum v8.x model 35700BAX2 in a factory-default wireless configuration enables an FTP service with hard-coded credentials...

9.8CVSS0.01662EPSS

Exploits0References1

NVD•added 2020/06/29 2:15 p.m.•13 views

CVE-2020-12016

Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 have hard-coded administrative account...

10CVSS0.01856EPSS

Exploits0References1

NVD•added 2020/06/29 2:15 p.m.•17 views

CVE-2020-12045

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24 when used in conjunction with a Baxter Spectrum v8.x model 35700BAX2, operates a Telnet service on Port 1023 with hard-coded credentials...

9.8CVSS0.01662EPSS

Exploits0References1

Prion•added 2020/06/29 2:15 p.m.•20 views

Hardcoded credentials

7.5CVSS9.4AI score0.01662EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/06/29 1:54 p.m.•14 views

CVE-2020-12012

Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13, and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 have hard-coded administrative account credentials f...

6.2AI score0.00345EPSS

Exploits0References1

CVE•added 2020/06/29 1:54 p.m.•49 views

CVE-2020-12012

CVE-2020-12012 affects Baxter ExactaMix EM2400 and EM1200 systems (versions listed in connected documents). The root cause is hard-coded administrative credentials in the ExactaMix application, enabling an attacker with physical access to view/update system configuration and data, potentially exp...

6.1CVSS6.2AI score0.00345EPSS

Exploits0References1Affected Software1

CVE•added 2020/06/29 1:54 p.m.•52 views

CVE-2020-12016

CVE-2020-12016 affects Baxter ExactaMix EM2400 (versions 1.10, 1.11, 1.13, 1.14) and EM1200 (versions 1.1, 1.2, 1.4, 1.5). The root cause is hard-coded administrative credentials in the ExactaMix operating system, enabling an attacker with network access to gain unauthorized system access and pot...

10CVSS9.3AI score0.01856EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/06/29 1:54 p.m.•15 views

CVE-2020-12016

9.4AI score0.01856EPSS

Exploits0References1

Cvelist•added 2020/06/29 1:49 p.m.•10 views

CVE-2020-12035

5.1AI score0.00247EPSS

Exploits0References1

CVE•added 2020/06/29 1:49 p.m.•53 views

CVE-2020-12035

CVE-2020-12035 affects Baxter PrismaFlex (all versions) and PrisMax (all versions prior to 3.x). Root cause is a hard-coded service password that grants access to biomedical information, device settings, calibration settings, and network configuration, enabling an attacker to modify device settin...

4.9CVSS5.1AI score0.00247EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/06/29 1:43 p.m.•17 views

CVE-2020-12045

9.5AI score0.01662EPSS

Exploits0References1

CVE•added 2020/06/29 1:43 p.m.•48 views

CVE-2020-12045

CVE-2020-12045 affects Baxter Spectrum WBM when used with Baxter Spectrum v8.x; the WBM runs a Telnet service on port 1023 with hard-coded credentials. Connected sources document a Telnet exposure tied to WBM/Spectrum configurations and assign high/severe CVSS values (up to 9.8) for this vulnerab...

9.8CVSS9.4AI score0.01662EPSS

Exploits0References1Affected Software1

CVE•added 2020/06/29 1:41 p.m.•57 views

CVE-2020-12047

CVE-2020-12047 affects Baxter Spectrum WBM when used with Spectrum v8.x (model 35700BAX2) in factory-default wireless config; the WBM enables an FTP service with hard-coded credentials (versions v17, v20D29–v20D32, v22D24). Root cause: hard-coded credentials enabling FTP access. Impact per source...

9.8CVSS9.4AI score0.01662EPSS

Exploits0References1Affected Software1

CNVD•added 2020/06/19 12:0 a.m.•8 views

Baxter Sigma Spectrum Infusion System and Spectrum Infusion System Trust Management Issues Vulnerabilities

The Baxter Sigma Spectrum Infusion System and the Baxter Spectrum Infusion System are both infusion pumps from Baxter, Inc. A trust management issue vulnerability exists in the Baxter Sigma Spectrum Infusion System version 6.x model 35700BAX and the Baxter Spectrum Infusion System version 8.x mod...

2.4CVSS6.8AI score0.00333EPSS

Exploits0References1

CNVD•added 2020/06/19 12:0 a.m.•7 views

Baxter Spectrum WBM Trust Management Issues Vulnerability

The Baxter WBM and Baxter Spectrum are both products of Baxter, Inc.The Baxter WBM is a wireless battery module for use with Baxter products.The Baxter Spectrum is an infusion pump. The WBM used in the Baxter Spectrum has a security vulnerability that can be exploited by an attacker to run Telnet...

9.8CVSS6.9AI score0.01662EPSS

Exploits0References1

CNVD•added 2020/06/19 12:0 a.m.•10 views

Baxter ExactaMix EM2400 and ExactaMix EM1200 Trust Management Issues Vulnerability

The Baxter ExactaMix EM2400 and ExactaMix EM1200 are both automated drug mixing systems from Baxter. A trust management issue vulnerability exists in the Baxter ExactaMix EM2400 and ExactaMix EM1200, which stems from hard-coded credentials used in the admin account of the ExactaMix operating...

10CVSS6.8AI score0.01856EPSS

Exploits0References1

CNVD•added 2020/06/19 12:0 a.m.•8 views

Baxter ExactaMix EM2400 and ExactaMix EM1200 Trust Management Issues Vulnerability (CNVD-2021-21074)

The Baxter ExactaMix EM2400 and ExactaMix EM1200 are both automated drug mixing systems from Baxter. A trust management issue vulnerability exists in the Baxter ExactaMix EM2400 and ExactaMix EM1200, which stems from the ExactaMix application's use of hard-coded administrative account credentials...

6.1CVSS6.5AI score0.00345EPSS

Exploits0References1

CNVD•added 2020/06/19 12:0 a.m.•3 views

Baxter PrismaFlex Hardcoding Vulnerability

The Baxter PrismaFlex is a critical care device from Baxter. A hard-coded vulnerability exists in Baxter PrismaFlex all versions that stems from the fact that PrismaFlex contains a hard-coded service password that can be exploited by an attacker to modify device settings and calibration values...

7.5CVSS7.1AI score0.00483EPSS

Exploits0References1

ICS•added 2020/06/18 12:0 a.m.•109 views

Baxter Sigma Spectrum Infusion Pumps (Update B)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baxter Equipment: Sigma Spectrum Infusion Pumps Vulnerabilities: Use of Hard-coded Password, Cleartext Transmission of Sensitive Data, Incorrect Permission Assignment for Critical Resource, Operation on...

9.8CVSS7.9AI score0.02081EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by