MEDIUM🇬🇧 English

CVE-2020-10598

CVSS 6.1v3.1pub. 2020-04-01upd. 2024-11-21

In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data.

oryginał EN
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  • Bd Pyxis Anesthesia Station Es

    HW
    Bd
    wszystkie wersje
  • Bd Pyxis Anesthesia Station Es Firmware

    OS
    Bd
    1.6.1
  • Bd Pyxis Medstation Es

    HW
    Bd
    wszystkie wersje
  • Bd Pyxis Medstation Es Firmware

    OS
    Bd
    1.6.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-22767HIGH8.8ten sam produkt

Specific BD Pyxis™ products were installed with default credentials and may presently still operate with these...

CVE-2022-22766HIGH7.0ten sam produkt

Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be able to gain ...

CVE-2019-10959CRITICAL10.0ten sam vendor

BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1...

CVE-2018-14786CRITICAL9.4ten sam vendor

Becton, Dickinson and Company (BD) Alaris Plus medical syringe pumps (models Alaris GS, Alaris GH, Alaris CC, ...

CVE-2017-6022CRITICAL9.8ten sam vendor

A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 an...