CVE-2020-12039
Summary
| CVE | CVE-2020-12039 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-06-29 14:15:00 UTC |
| Updated | 2020-07-09 17:52:00 UTC |
| Description | Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration values, network configuration of Sigma Spectrum WBM if installed. |
Risk And Classification
Problem Types: CWE-798
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Baxter | Sigma Spectrum Infusion System | - | All | All | All |
| Hardware | Baxter | Sigma Spectrum Infusion System | - | All | All | All |
| Operating System | Baxter | Sigma Spectrum Infusion System Firmware | 8.0 | All | All | All |
| Operating System | Baxter | Sigma Spectrum Infusion System Firmware | 8.0 | All | All | All |
| Operating System | Baxter | Sigma Spectrum Infusion System Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Baxter Sigma Spectrum Infusion Pumps (Update A) | CISA | MISC | www.us-cert.gov | Third Party Advisory, US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.