Lucene search
K
BbraunSpacecom

11 matches found

CVE
CVE
added 2022/04/14 8:5 p.m.69 views

CVE-2020-25158

CVE-2020-25158 is a reflected XSS vulnerability affecting B. Braun SpaceCom, Battery Pack with Wi‑Fi, and Data module compactplus (SpaceCom v L81/U61 and earlier; compactplus A10/A11). The ICS advisory details multiple related issues (XSS and other CVEs) and confirms impact when these components ...

7.6CVSS6.2AI score0.00815EPSS
CVE
CVE
added 2022/04/14 8:5 p.m.66 views

CVE-2020-16238

CVE-2020-16238 affects B. Braun SpaceCom/Lx configurations and Data module compactplus (versions L81/U61 and earlier outside US; A10/A11 in compactplus). The root cause is an improper privilege escalation via the configuration import mechanism, enabling attackers with local command‑line access to...

7.2CVSS7AI score0.0024EPSS
CVE
CVE
added 2022/04/14 8:5 p.m.66 views

CVE-2020-25162

CVE-2020-25162 is an XPath injection vulnerability affecting B. Braun SpaceCom, Battery Pack SP with Wi‑Fi, and Data module compactplus. Affected software: SpaceCom/L81 (and U61) and Data module compactplus/A10–A11 (non‑US distribution). Root cause per the advisory: improper handling of XPath exp...

7.8CVSS7.9AI score0.01806EPSS
CVE
CVE
added 2022/04/14 8:5 p.m.65 views

CVE-2020-25150

CVE-2020-25150 describes a relative path traversal vulnerability in B. Braun Melsungen AG SpaceCom (versions L81/U61 and earlier) and Data module compactplus (versions A10 and A11). The underlying issue enables attackers with service-user privileges to upload arbitrary files via a crafted tar fil...

9CVSS8.3AI score0.0147EPSS
CVE
CVE
added 2022/04/14 8:5 p.m.63 views

CVE-2020-25156

CVE-2020-25156 concerns active debug code in B. Braun SpaceCom (versions L8/U61 and earlier) and Data module compactplus (A10/A11 and earlier) enabling possession of cryptographic material to gain root access. Connected sources confirm affected products and versions, with remediation updates rele...

9CVSS7.2AI score0.0114EPSS
CVE
CVE
added 2022/04/14 8:5 p.m.62 views

CVE-2020-25166

CVE-2020-25166 concerns an improper verification of the cryptographic signature for firmware updates in B. Braun SpaceCom devices (SpaceCom, Battery Pack with Wi‑Fi) and Data module compactplus (versions L81/U61 and A10/A11). The root cause is signature verification weakness, allowing attackers t...

7.6CVSS7.3AI score0.00455EPSS
CVE
CVE
added 2022/04/14 8:5 p.m.61 views

CVE-2020-25154

CVE-2020-25154 is an open redirect vulnerability in the B. Braun Melsungen AG SpaceCom family (SpaceCom SpaceStation, Battery Pack with Wi‑Fi) and the Data module compactplus (A10/A11). The ICS advisory (ICSMA-20-296-02) confirms a remote, unauthenticated open redirect in the administrative inter...

6.1CVSS6.1AI score0.00637EPSS
CVE
CVE
added 2022/04/14 8:6 p.m.61 views

CVE-2020-25164

CVE-2020-25164 affects B. Braun SpaceCom (L81/U61 and earlier) and Data module compactplus (A10/A11). Root cause: use of a one-way hash without a salt, enabling attackers with local access to recover administrative credentials. Impact: unauthorized access to the administrative interface. Affected...

7.5CVSS7AI score0.00599EPSS
CVE
CVE
added 2022/04/14 8:6 p.m.61 views

CVE-2020-25168

Hard-coded credentials in B. Braun SpaceCom and Data module compactplus (L81/U61 and A10/A11) enable attackers with command-line access to reach the device’s Wi‑Fi module. Affected: SpaceCom, Battery Pack with Wi‑Fi, Data module compactplus. Remediation: software updates released by B. Braun (US/...

3.3CVSS4.3AI score0.00206EPSS
CVE
CVE
added 2022/04/14 8:5 p.m.57 views

CVE-2020-25160

CVE-2020-25160 involves improper access controls in B. Braun SpaceCom (versions L81/U61 and earlier), Battery Pack with Wi‑Fi (U61/L81 and earlier), and Data module compactplus (A10/A11). The root cause is improper access control that allows attackers to extract and tamper with the devices’ netwo...

6.8CVSS6.7AI score0.002EPSS
CVE
CVE
added 2022/04/14 8:5 p.m.55 views

CVE-2020-25152

CVE-2020-25152 is a session fixation vulnerability in B. Braun SpaceCom administrative interface and the Data module compactplus. Affected: SpaceCom software versions L81/U61 and earlier (outside US) and SpaceCom 2; Data module compactplus versions A10 and A11. Root cause: session fixation that c...

8.1CVSS7.3AI score0.01231EPSS