Main Vulnerability Database Vulnerabilities #VU56077

#VU56077 Insufficient verification of data authenticity in SpaceCom2 - CVE-2021-33885

Published: August 25, 2021

Vulnerability identifier: #VU56077

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2021-33885

CWE-ID: CWE-345

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
SpaceCom2

Software vendor:
B. Braun Melsungen AG

Description

The vulnerability allows a remote attacker to compromsie the target system.

The vulnerability exists due to insufficient verification of data authenticity. A remote attacker can send specially crafted data to the device, leading to execution through lack of cryptographic signatures on critical data sets.

Remediation

Install updates from vendor's website.

External links

https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/mcafee-enterprise-atr-uncovers-vulnerabilities-in-globally-used-b-braun-infusion-pump/

#VU56077 Insufficient verification of data authenticity in SpaceCom2 - CVE-2021-33885

Description

Remediation

External links

Please verify you're human