Lucene search
K
BbraunSpacecom2

5 matches found

CVE
CVE
added 2021/08/25 11:38 a.m.59 views

CVE-2021-33886

CVE-2021-33886 describes an Improper Input Sanitization in B. Braun SpaceCom2, allowing remote, unauthenticated attackers on the same network to gain user-level command-line access by passing a raw string to printf. The vulnerability is tied to SpaceCom2 before 012U000062. Connected sources (Red ...

8.8CVSS8.7AI score0.00827EPSS
CVE
CVE
added 2021/08/25 11:38 a.m.58 views

CVE-2021-33885

CVE-2021-33885 is a vulnerability in B. Braun SpaceCom2 before 012U000062 (CWE-345, Insufficient Verification of Data Authenticity). A remote, unauthenticated attacker can send malicious data that is used in place of correct data, enabling full system command access and execution due to the lack ...

10CVSS9.6AI score0.0558EPSS
CVE
CVE
added 2021/08/25 11:19 a.m.55 views

CVE-2021-33883

CVE-2021-33883 affects B. Braun SpaceCom2 prior to 012U000062, exposing a cleartext transmission vulnerability that allows remote attackers to snoop network traffic and obtain sensitive data, including pump internal configuration values. Connected documents also describe related issues in SpaceCo...

7.5CVSS7.3AI score0.00832EPSS
CVE
CVE
added 2021/08/25 11:19 a.m.47 views

CVE-2021-33882

CVE-2021-33882 affects B. Braun SpaceCom2 prior to 012U000062 and is a Missing Authentication for Critical Function issue that lets a remote attacker reconfigure the device via unauthenticated commands on the SpaceCom/SpaceStation interface. Public Red Hat/US advisories and the McAfee/Trellix ana...

8.6CVSS8.5AI score0.011EPSS
CVE
CVE
added 2021/08/25 11:20 a.m.46 views

CVE-2021-33884

CVE-2021-33884 affects B. Braun SpaceCom2 prior to 012U000062 and allows unrestricted upload of files to the device’s /tmp directory via the web API, potentially overwriting critical files. Connected sources also describe mitigations: B. Braun patches (012U000062+ in SpaceCom2) and related adviso...

9.1CVSS9.2AI score0.00984EPSS