#VU29155 Improper Authentication in PrismaFlex and PrisMax - CVE-2020-12035

Cybersecurity Help s.r.o.

Published: 2020-06-19

Vulnerability identifier: #VU29155

Vulnerability risk: Medium

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-12035

CWE-ID: CWE-287

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
PrismaFlex
Hardware solutions / Medical equipment
PrisMax
Hardware solutions / Medical equipment

Vendor: Baxter

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to improper authentication when configured to send treatment data to a PDMS or an EMR system. A remote attacker can bypass authentication process and modify treatment status information.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

PrismaFlex: before 8.2

PrisMax: before 3.0

External links
https://ics-cert.us-cert.gov/advisories/icsma-20-170-02

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Baxter PrismaFlex and PrisMax