Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-22766 | 1 Bd | 48 Pyxis Anesthesia Station 4000, Pyxis Anesthesia Station 4000 Firmware, Pyxis Anesthesia Station Es and 45 more | 2024-11-21 | 2.1 LOW | 7.0 HIGH |
Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be able to gain access to the underlying file system and could potentially exploit application files for information that could be used to decrypt application credentials or gain access to electronic protected health information (ePHI) or other sensitive information. | |||||
CVE-2020-10598 | 1 Bd | 4 Pyxis Anesthesia Station Es, Pyxis Anesthesia Station Es Firmware, Pyxis Medstation Es and 1 more | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data. |