CVE-2020-12041

The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to network settings are removed upon reboot.
References
Link Resource
https://www.us-cert.gov/ics/advisories/icsma-20-170-04 Third Party Advisory US Government Resource
https://www.us-cert.gov/ics/advisories/icsma-20-170-04 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:baxter:sigma_spectrum_infusion_system_firmware:8.0:*:*:*:*:*:*:*
OR cpe:2.3:h:baxter:sigma_spectrum_infusion_system:-:*:*:*:*:*:*:*
cpe:2.3:h:baxter:wireless_battery_module:17:*:*:*:*:*:*:*
cpe:2.3:h:baxter:wireless_battery_module:20d29:*:*:*:*:*:*:*
cpe:2.3:h:baxter:wireless_battery_module:20d30:*:*:*:*:*:*:*
cpe:2.3:h:baxter:wireless_battery_module:20d31:*:*:*:*:*:*:*
cpe:2.3:h:baxter:wireless_battery_module:22d24:*:*:*:*:*:*:*

History

21 Nov 2024, 04:59

Type Values Removed Values Added
References () https://www.us-cert.gov/ics/advisories/icsma-20-170-04 - Third Party Advisory, US Government Resource () https://www.us-cert.gov/ics/advisories/icsma-20-170-04 - Third Party Advisory, US Government Resource

Information

Published : 2020-06-29 14:15

Updated : 2024-11-21 04:59


NVD link : CVE-2020-12041

Mitre link : CVE-2020-12041

CVE.ORG link : CVE-2020-12041


JSON object : View

Products Affected

baxter

  • wireless_battery_module
  • sigma_spectrum_infusion_system
  • sigma_spectrum_infusion_system_firmware
CWE
CWE-732

Incorrect Permission Assignment for Critical Resource