Lucene search
K

92 matches found

BDU FSTEC
BDU FSTEC
added 2022/08/01 12:0 a.m.5 views

The vulnerability of the import mechanism for configuration files of microprogrammed medical equipment from B. Braun Melsungen AG’s SpaceCom and B. Braun Melsungen AG’s Data Module CompactPlus allows a malicious individual to elevate their privileges to the root level.

The vulnerability of the import mechanism for configuration files of microprogrammed medical devices from B. Braun Melsungen AG SpaceCom and B. Braun Melsungen AG Data Module CompactPlus is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to elevate...

7.2CVSS6.6AI score0.0024EPSS
Exploits0References4
OSV
OSV
added 2022/04/14 9:15 p.m.3 views

CVE-2020-25166

An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to generate valid firmware updates with arbitrary content that can be used to tamper...

7.1CVSS5.9AI score
Exploits0References2
NVD
NVD
added 2022/04/14 9:15 p.m.17 views

CVE-2020-25160

Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enables attackers to extract and tamper with the devices network configuration...

6.8CVSS0.002EPSS
Exploits0References2
NVD
NVD
added 2022/04/14 9:15 p.m.11 views

CVE-2020-25168

Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers with command line access to access the device’s Wi-Fi module...

3.3CVSS0.00206EPSS
Exploits0References2
OSV
OSV
added 2022/04/14 9:15 p.m.5 views

CVE-2020-25156

Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers in possession of cryptographic material to access the device as root...

7.2CVSS5.8AI score0.0114EPSS
Exploits0References2
OSV
OSV
added 2022/04/14 9:15 p.m.3 views

CVE-2020-25164

A vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to recover user credentials of the administrative interface...

7.5CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2022/04/14 9:15 p.m.3 views

CVE-2020-25160

Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enables attackers to extract and tamper with the devices network configuration...

6.3CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2022/04/14 9:15 p.m.15 views

CVE-2020-25162

A XPath injection vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows unauthenticated remote attackers to access sensitive information and escalate privileges...

7.8CVSS0.01806EPSS
Exploits0References2
OSV
OSV
added 2022/04/14 9:15 p.m.6 views

CVE-2020-25168

Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers with command line access to access the device’s Wi-Fi module...

3.3CVSS5.8AI score0.00206EPSS
Exploits0References2
OSV
OSV
added 2022/04/14 9:15 p.m.3 views

CVE-2020-25158

A reflected cross-site scripting XSS vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to inject arbitrary web script or HTML into various locations...

6.1CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2022/04/14 9:15 p.m.13 views

CVE-2020-25164

A vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to recover user credentials of the administrative interface...

7.5CVSS0.00599EPSS
Exploits0References2
OSV
OSV
added 2022/04/14 9:15 p.m.4 views

CVE-2020-25162

A XPath injection vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows unauthenticated remote attackers to access sensitive information and escalate privileges...

7.5CVSS7.2AI score0.01806EPSS
Exploits0References2
NVD
NVD
added 2022/04/14 9:15 p.m.11 views

CVE-2020-25158

A reflected cross-site scripting XSS vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to inject arbitrary web script or HTML into various locations...

7.6CVSS0.00815EPSS
Exploits0References2
NVD
NVD
added 2022/04/14 9:15 p.m.14 views

CVE-2020-25156

Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers in possession of cryptographic material to access the device as root...

9CVSS0.0114EPSS
Exploits0References2
NVD
NVD
added 2022/04/14 9:15 p.m.29 views

CVE-2020-25166

An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to generate valid firmware updates with arbitrary content that can be used to tamper...

7.6CVSS0.00455EPSS
Exploits0References2
OSV
OSV
added 2022/04/14 9:15 p.m.5 views

CVE-2020-16238

A vulnerability in the configuration import mechanism of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with command line access to the underlying Linux system to escalate privileges to the root user...

6.7CVSS6.7AI score0.0024EPSS
Exploits0References2
OSV
OSV
added 2022/04/14 9:15 p.m.4 views

CVE-2020-25152

A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to hijack web sessions and escalate privileges...

8.1CVSS5.8AI score0.01231EPSS
Exploits0References2
NVD
NVD
added 2022/04/14 9:15 p.m.20 views

CVE-2020-25152

A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to hijack web sessions and escalate privileges...

8.1CVSS0.01231EPSS
Exploits0References2
OSV
OSV
added 2022/04/14 9:15 p.m.4 views

CVE-2020-25154

An open redirect vulnerability in the administrative interface of the B. Braun Melsungen AG SpaceCom device Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to redirect users to malicious websites...

6.1CVSS5.8AI score0.00637EPSS
Exploits0References2
NVD
NVD
added 2022/04/14 9:15 p.m.16 views

CVE-2020-16238

A vulnerability in the configuration import mechanism of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with command line access to the underlying Linux system to escalate privileges to the root user...

7.2CVSS0.0024EPSS
Exploits0References2
Rows per page
Query Builder