Vulnerabilities (CVE)

Filtered by vendor Bd Subscribe
Filtered by product Alaris 8015 Pcu
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-30561 1 Bd 2 Alaris 8015 Pcu, Alaris 8015 Pcu Firmware 2024-11-21 N/A 6.1 MEDIUM
The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is running.
CVE-2023-30560 1 Bd 2 Alaris 8015 Pcu, Alaris 8015 Pcu Firmware 2024-11-21 N/A 6.8 MEDIUM
The configuration from the PCU can be modified without authentication using physical connection to the PCU.
CVE-2023-30559 1 Bd 2 Alaris 8015 Pcu, Alaris 8015 Pcu Firmware 2024-11-21 N/A 5.2 MEDIUM
The firmware update package for the wireless card is not properly signed and can be modified.
CVE-2020-25165 1 Bd 3 Alaris 8015 Pcu, Alaris 8015 Pcu Firmware, Alaris Systems Manager 2024-11-21 5.0 MEDIUM 7.5 HIGH
BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD Alaris PC Unit and the BD Alaris Systems Manager. If exploited, an attacker could perform a denial-of-service attack on the BD Alaris PC Unit by modifying the configuration headers of data in transit. A denial-of-service attack could lead to a drop in the wireless capability of the BD Alaris PC Unit, resulting in manual operation of the PC Unit.