CVE-2022-22767
Summary
| CVE | CVE-2022-22767 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-06-02 14:15:00 UTC |
| Updated | 2022-06-11 00:53:00 UTC |
| Description | Specific BD Pyxis™ products were installed with default credentials and may presently still operate with these credentials. There may be scenarios where BD Pyxis™ products are installed with the same default local operating system credentials or domain-joined server(s) credentials that may be shared across product types. If exploited, threat actors may be able to gain privileged access to the underlying file system and could potentially exploit or gain access to ePHI or other sensitive information. |
Risk And Classification
Problem Types: CWE-522
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Bd | Pyxis Anesthesia Station Es | - | All | All | All |
| Operating System | Bd | Pyxis Anesthesia Station Es Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Ciisafe | - | All | All | All |
| Operating System | Bd | Pyxis Ciisafe Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Logistics | - | All | All | All |
| Operating System | Bd | Pyxis Logistics Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Medbank | - | All | All | All |
| Operating System | Bd | Pyxis Medbank Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Medstation 4000 | - | All | All | All |
| Operating System | Bd | Pyxis Medstation 4000 Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Medstation Es | - | All | All | All |
| Operating System | Bd | Pyxis Medstation Es Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Medstation Es Server | - | All | All | All |
| Operating System | Bd | Pyxis Medstation Es Server Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Parassist | - | All | All | All |
| Operating System | Bd | Pyxis Parassist Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Rapid Rx | - | All | All | All |
| Operating System | Bd | Pyxis Rapid Rx Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Stockstation | - | All | All | All |
| Operating System | Bd | Pyxis Stockstation Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Supplycenter | - | All | All | All |
| Operating System | Bd | Pyxis Supplycenter Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Supplyroller | - | All | All | All |
| Operating System | Bd | Pyxis Supplyroller Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Supplystation | - | All | All | All |
| Hardware | Bd | Pyxis Supplystation Ec | - | All | All | All |
| Operating System | Bd | Pyxis Supplystation Ec Firmware | - | All | All | All |
| Operating System | Bd | Pyxis Supplystation Firmware | - | All | All | All |
| Hardware | Bd | Pyxis Supplystation Rf Auxiliary | - | All | All | All |
| Operating System | Bd | Pyxis Supplystation Rf Auxiliary Firmware | - | All | All | All |
| Hardware | Bd | Rowa Pouch Packaging Systems | - | All | All | All |
| Operating System | Bd | Rowa Pouch Packaging Systems Firmware | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| BD Pyxis<sup>™</sup> Products - Default Credentials | CONFIRM | cybersecurity.bd.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.