CVE-2020-12039 Information
Feb 14, 2021
cve
Description
Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v’s6.x model 35700BAX & Baxter Spectrum Infusion System v’s8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings view calibration values network configuration of Sigma Spectrum WBM if installed.
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Reference
https://www.us-cert.gov/ics/advisories/icsma-20-170-04
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
NONE
Base Score
NONE
Base Severity
2.4
Share on: