Multiple vulnerabilities in Baxter ExactaMix



Published: 2020-06-19
Risk High
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2020-12008
CVE-2020-12032
CVE-2017-0143
CWE-ID CWE-319
CWE-311
CWE-20
Exploitation vector Network
Public exploit Vulnerability #3 is being exploited in the wild.
Vulnerable software
Subscribe
ExactaMix EM1200
Hardware solutions / Medical equipment

ExactaMix EM2400
Hardware solutions / Medical equipment

Vendor Baxter

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Cleartext transmission of sensitive information

EUVDB-ID: #VU29170

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-12008

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to software uses insecure communication channel to transmit sensitive information. A remote attacker can gain access to sensitive data including PHI.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

ExactaMix EM1200: 1.1 - 1.2

ExactaMix EM2400: 1.10 - 1.11


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-20-170-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Missing Encryption of Sensitive Data

EUVDB-ID: #VU29171

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-12032

CWE-ID: CWE-311 - Missing Encryption of Sensitive Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the affected software stores device data with sensitive information in an unencrypted database. A remote attacker can view or modify sensitive data including PHI.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

ExactaMix EM1200: 1.1 - 1.2

ExactaMix EM2400: 1.10 - 1.11


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-20-170-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Improper input validation

EUVDB-ID: #VU6010

Risk: High

CVSSv3.1:

CVE-ID: CVE-2017-0143

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an error when parsing requests in Microsoft Server Message Block 1.0 (SMBv1) server. A remote unauthenticated attacker can send specially crafted SMB packets and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

ExactaMix EM1200: 1.1 - 1.2

ExactaMix EM2400: 1.10 - 1.11


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-20-170-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###