Lucene search
HistorySep 09, 2022 - 3:15 p.m.
CVE-2022-26393
baxter
spectrum wbm
format string attack
vulnerability
application messaging
memory read
sensitive information
denial of service
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
0.001 Low
EPSS
Percentile
42.8%
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service (DoS) on the WBM.
Affected configurations
Node
baxterspectrum_wireless_battery_module_firmwareMatch20d29
baxterspectrum_wireless_battery_moduleMatch-
Node
baxtersigma_spectrum_35700bax_firmwareMatch-
baxtersigma_spectrum_35700baxMatch-
Node
baxtersigma_spectrum_35700bax2Match-
baxtersigma_spectrum_35700bax2_firmwareMatch-
Node
baxterbaxter_spectrum_iq_35700bax3Match-
baxterbaxter_spectrum_iq_35700bax3_firmwareMatch-
Related
cve
cve
CVE-2022-26393
2022-09-09 15:15:09
prion
prion
Format string
2022-09-09 15:15:00
cvelist
cvelist
CVE-2022-26393 Format String vulnerability
2022-09-08 00:00:00
thn
thn
New Vulnerabilities Reported in Baxter's Internet-Connected Infusion Pumps
2022-09-08 17:55:00
ics
ics
Baxter Sigma Spectrum Infusion Pump (Update A)
2022-09-29 12:00:00
rapid7blog
rapid7blog
Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)
2022-09-08 16:30:00
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
0.001 Low
EPSS
Percentile
42.8%
Related for NVD:CVE-2022-26393