CVE-2020-12041

EPSS 0.28%
Veröffentlicht 29.06.2020 14:15:11
Zuletzt bearbeitet 21.11.2024 04:59:10
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to network settings are removed upon reboot.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Baxter ≫ Sigma Spectrum Infusion System Firmware Version8.0

   Baxter ≫ Sigma Spectrum Infusion System Version-
   Baxter ≫ Wireless Battery Module Version17
   Baxter ≫ Wireless Battery Module Version20d29
   Baxter ≫ Wireless Battery Module Version20d30
   Baxter ≫ Wireless Battery Module Version20d31
   Baxter ≫ Wireless Battery Module Version22d24

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.28%	0.484

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.4	3.9	5.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-732 Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

https://www.us-cert.gov/ics/advisories/icsma-20-170-04

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2020-12041

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-12041

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-12041

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2020-12041