Vulnerability identifier: #VU20897

Vulnerability risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-13517

CWE-ID: CWE-384

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Pyxis Enterprise Server
Hardware solutions / Medical equipment
Pyxis ES
Hardware solutions / Medical equipment

Vendor: Becton, Dickinson and Company (BD)

Description

Mitigation

Vulnerable software versions

Pyxis Enterprise Server: 4.4 - 4.12

Pyxis ES: 1.3.4 - 1.6.1

CPE

• cpe:2.3:h:becton_dickinson_and_company_bd:pyxis_enterprise_server:4.4:*:*:*:*:*:*:*

External links
http://ics-cert.us-cert.gov/advisories/icsma-19-248-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?