CVE-2021-33885
Summary
| CVE | CVE-2021-33885 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-08-25 12:15:00 UTC |
| Updated | 2022-07-12 17:42:00 UTC |
| Description | An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to send the device malicious data that will be used in place of the correct data. This results in full system command access and execution because of the lack of cryptographic signatures on critical data sets. |
Risk And Classification
Problem Types: CWE-347
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Bbraun | Infusomat Large Volume Pump 871305u | - | All | All | All |
| Operating System | Bbraun | Spacecom2 | All | All | All | All |
| Hardware | Bbraun | Spacestation 8713142u | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 404 Not Found | MISC | www.bbraunusa.com | |
| McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump | McAfee Blogs | MISC | www.mcafee.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.