Lucene search

IcscertCVELIST:CVE-2020-27282

HistoryMar 15, 2021 - 9:21 p.m.

CVE-2020-27282

2021-03-1521:21:54

CWE-112

icscert

www.cve.org

cve-2020-27282

xml validation

privileged attackers

physical access

render device unusable

configuration files

AI Score

4.4

Confidence

High

EPSS

0.001

Percentile

27.3%

JSON

In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an XML validation vulnerability in the ventilator allows privileged attackers with physical access to render the device persistently unusable by uploading specially crafted configuration files.

CNA Affected

[
  {
    "product": "Hamilton Medical AG, T1-Ventillator",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Versions 2.2.3 and prior"
      }
    ]
  }
]

References

us-cert.cisa.gov/ics/advisories/icsma-21-047-01