Path Traversal Vulnerability in B. Braun Medical Devices
CVE-2025-3365

9.8CRITICAL

Key Information:

Vendor

B. Braun Melsungen Ag

Status
Onlinesuite
Vendor
CVE Published:
6 June 2025

What is CVE-2025-3365?

A significant path traversal vulnerability in B. Braun Medical Devices allows unauthorized users to access sensitive files on the server due to inadequate protection mechanisms. This flaw could potentially expose critical data and information, leading to significant security risks. Users of affected products should take immediate action to mitigate potential file access risks.

Affected Version(s)

OnlineSuite 3.0

References

https://www.bbraun.com/productsecurity

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Fabian Weber (CODE WHITE GmbH)
Dr. Florian Hauser (CODE WHITE GmbH)
.
CVE-2025-3365 : Path Traversal Vulnerability in B. Braun Medical Devices