The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is running.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HBd Alaris 8015 Pcu
HWBdwszystkie wersjeBd Alaris 8015 Pcu Firmware
OSBd≤ 12.1.3
Related vulnerabilities
BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and ea...
The firmware update package for the wireless card is not properly signed and can be modified.
The configuration from the PCU can be modified without authentication using physical connection to the PCU. ...
BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1...
Becton, Dickinson and Company (BD) Alaris Plus medical syringe pumps (models Alaris GS, Alaris GH, Alaris CC, ...