CVE-2022-38069 Information

Description

Multiple globally default credentials exist across all CMS8000 devices that once exposed allow a threat actor with momentary physical access to gain privileged access to any device. Privileged credential access enables the extraction of sensitive patient information or modification of device parameters

Reference

https://www.cisa.gov/uscert/ics/advisories/icsma-22-244-01