6.1

CVE-2020-10598

EPSS 0.09%
Veröffentlicht 01.04.2020 21:15:13
Zuletzt bearbeitet 21.11.2024 04:55:40
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Bd ≫ Pyxis Medstation Es Firmware Version1.6.1

Bd ≫ Pyxis Medstation Es Version-

Bd ≫ Pyxis Anesthesia Station Es Firmware Version1.6.1

Bd ≫ Pyxis Anesthesia Station Es Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.267

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.1	0.9	5.2	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
nvd@nist.gov	3.6	3.9	4.9	AV:L/AC:L/Au:N/C:P/I:P/A:N

CWE-693 Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

https://www.us-cert.gov/ics/advisories/icsma-20-091-01

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2020-10598

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-10598

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-10598

EUVD