MEDIUM🇬🇧 English

CVE-2022-43557

CVSS 5.3v3.1pub. 2022-12-05upd. 2024-11-21

The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information (ePHI), protected health information (PHI) or personally identifiable information (PII) is stored in the pump.

oryginał EN
CVSS Vector
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
  • Bd Bodyguard 121 Twins

    HW
    Bd
    wszystkie wersje
  • Bd Bodyguard 121 Twins Firmware

    OS
    Bd
    wszystkie wersje
  • Bd Bodyguard 323 Colorvision

    HW
    Bd
    wszystkie wersje
  • Bd Bodyguard 323 Colorvision Firmware

    OS
    Bd
    wszystkie wersje
  • Bd Bodyguard 999 603

    HW
    Bd
    wszystkie wersje
  • Bd Bodyguard 999 603 Firmware

    OS
    Bd
    wszystkie wersje
  • Bd Bodyguard Duo 999 903

    HW
    Bd
    wszystkie wersje
  • Bd Bodyguard Duo 999 903 Firmware

    OS
    Bd
    wszystkie wersje
  • Bd Bodyguard Epidural 999 683

    HW
    Bd
    wszystkie wersje
  • Bd Bodyguard Epidural 999 683 Firmware

    OS
    Bd
    wszystkie wersje
  • Bd Bodyguard Pain Manager 999 803

    HW
    Bd
    wszystkie wersje
  • Bd Bodyguard Pain Manager 999 803 Firmware

    OS
    Bd
    wszystkie wersje
  • Bd Bodyguard T 999 103

    HW
    Bd
    wszystkie wersje
  • Bd Bodyguard T 999 103 Firmware

    OS
    Bd
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2019-10959CRITICAL10.0ten sam vendor

BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1...

CVE-2018-14786CRITICAL9.4ten sam vendor

Becton, Dickinson and Company (BD) Alaris Plus medical syringe pumps (models Alaris GS, Alaris GH, Alaris CC, ...

CVE-2017-6022CRITICAL9.8ten sam vendor

A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 an...

CVE-2023-30563HIGH8.2ten sam vendor

A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked session.

CVE-2022-47376HIGH7.3ten sam vendor

The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the inst...

CVE-2022-43557 — MEDIUM 5.3 | CVEbaza.pl