25 matches found
CVE-2020-12039
Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...
EUVD-2020-4355
Malware in sbrugna...
EUVD-2022-46553
Malicious code in bioql PyPI...
PT-2025-24052 · B. Braun · B. Braun Onlinesuite
Name of the Vulnerable Software and Affected Versions: B.Braun OnlineSuite versions prior to AP 3.0 Description: A predefined administrative account is not documented and cannot be deactivated. This account cannot be misused from the network, only by local users on the server. The issue affects t...
CVE-2022-43557
The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 serial port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information ePHI, protected heal...
Code injection
The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 serial port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information ePHI, protected heal...
CVE-2022-43557
The CVE-2022-43557 issue affects BD BodyGuard infusion pumps via the RS-232 serial port. Documents consistently state that threat actors with physical access and specialized equipment could configure or disable the pump by exploiting the alternate hardware interface. The vulnerability has a CVSSv...
CVE-2022-43557 BD BodyGuard™ Pumps – RS-232 Interface Vulnerability
The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 serial port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information ePHI, protected heal...
New Vulnerabilities Reported in Baxter's Internet-Connected Infusion Pumps
Multiple security vulnerabilities have been disclosed in Baxter's internet-connected infusion pumps used by healthcare professionals in clinical environments to dispense medication to patients. "Successful exploitation of these vulnerabilities could result in access to sensitive data and alterati...
Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)
Rapid7, Inc. Rapid7 discovered vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare. The affected products are: SIGMA Spectrum Infusion Pump Firmware Version 8.00.01 SIGMA Wi-Fi Battery Firmware Versions 16, 17, 20 D29 Rapid7 initially reported these issues to Baxte...
Baxter Spectrum 格式化字符串错误漏洞
Baxter Spectrum is an infusion pump from Baxter USA. A format string error vulnerability exists in the Baxter Sigma and Baxter Spectrum Infusion Pumps that stems from its susceptibility to a format string attack delivered via an application message resulting in an attacker being able to use it to...
Baxter Sigma Spectrum Infusion Pump (Update A)
1. EXECUTIVE SUMMARY --------- Begin Update A part 1 of 3 --------- CVSS v3 7.5 --------- End Update A part 1 of 3 --------- ATTENTION: Exploitable remotely Vendor: Baxter Equipment: Sigma and Baxter Spectrum Infusion Pumps Vulnerabilities: Missing Encryption of Sensitive Data, Use of Externally...
75% of Tested Smart Infusion Pumps Vulnerable to Hacking
By Deeba Ahmed As of 2020, about 80% of hospitals in the United States were using smart infusion pumps. Palo Alto… This is a post from HackRead.com Read the original post: 75% of Tested Smart Infusion Pumps Vulnerable to Hacking...
Report: Nearly 75% of Infusion Pumps Affected by Severe Vulnerabilities
An analysis of data crowdsourced from more than 200,000 network-connected infusion pumps used in hospitals and healthcare entities has revealed that 75% of those medical devices contain security weaknesses that could put them at risk of potential exploitation. "These shortcomings included exposur...
B. Braun Infusomat Pumps Could Let Attackers Remotely Alter Medication Dosages
Cybersecurity researchers have disclosed five previously unreported security vulnerabilities affecting B. Braun's Infusomat Space Large Volume Pump and SpaceStation that could be abused by malicious parties to tamper with medication doses without any prior authentication. McAfee, which discovered...
CVE-2020-12039
Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...
Hardcoded credentials
Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...
CVE-2020-12039
Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...
CVE-2020-12039
CVE-2020-12039 affects Baxter Sigma Spectrum Infusion System v6.x (35700BAX) and v8.x (35700BAX2); hard-coded passwords entered via keypad grant access to biomedical menus, including device settings, calibration values, and WBM network configuration. This is a local/physical-access issue with pub...
Baxter Sigma Spectrum Infusion Pumps (Update B)
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baxter Equipment: Sigma Spectrum Infusion Pumps Vulnerabilities: Use of Hard-coded Password, Cleartext Transmission of Sensitive Data, Incorrect Permission Assignment for Critical Resource, Operation on...