FTP Service Vulnerability in Baxter Spectrum WBM Wireless Configuration
CVE-2020-12043

9.8CRITICAL

Key Information:

Vendor

Baxter

Status
Baxter Sigma Spectrum Infusion Pumps
Vendor
CVE Published:
29 June 2020

What is CVE-2020-12043?

The Baxter Spectrum WBM, when configured for wireless networking, has an issue where the FTP service remains operational until the device is rebooted. This can potentially expose sensitive data and create security risks, as unauthorized entities may gain access to the FTP service if the device is not properly secured or monitored. Regular updates and secure configurations are essential to mitigate such risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum v6.x model 35700BAX, Baxter Spectrum v8.x model 35700BAX2,Sigma Spectrum v6.x with Wireless Battery Module v9,11,13,14,15,16,v20D29,v20D30,v20D31,v22D24, Baxter Spectrum v8.x with Wireless Battery Module v17,v20D29,v20D30,v20D31,v22D24,Baxter Spectrum Wireless Battery Module v17,v20D29,v20D30,v20D31,v22D24,Baxter Spectrum LVP v8.x w/Wireless Battery Module v17,v20D29,v20D30,v20D31,v22D24

References

https://www.us-cert.gov/ics/advisories/icsma-20-170-04
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.