CVE-2022-43557

Summary

CVE	CVE-2022-43557
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-12-05 22:15:00 UTC
Updated	2023-10-27 21:15:00 UTC
Description	The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information (ePHI), protected health information (PHI) or personally identifiable information (PII) is stored in the pump.

Risk And Classification

Problem Types: CWE-287

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Bd	Bodyguard 121 Twins	-	All	All	All
Operating System	Bd	Bodyguard 121 Twins Firmware	-	All	All	All
Hardware	Bd	Bodyguard 323 Colorvision	-	All	All	All
Operating System	Bd	Bodyguard 323 Colorvision Firmware	-	All	All	All
Hardware	Bd	Bodyguard 999-603	-	All	All	All
Operating System	Bd	Bodyguard 999-603 Firmware	-	All	All	All
Hardware	Bd	Bodyguard Duo 999-903	-	All	All	All
Operating System	Bd	Bodyguard Duo 999-903 Firmware	-	All	All	All
Hardware	Bd	Bodyguard Epidural 999-683	-	All	All	All
Operating System	Bd	Bodyguard Epidural 999-683 Firmware	-	All	All	All
Hardware	Bd	Bodyguard Pain Manager 999-803	-	All	All	All
Operating System	Bd	Bodyguard Pain Manager 999-803 Firmware	-	All	All	All
Hardware	Bd	Bodyguard T 999-103	-	All	All	All
Operating System	Bd	Bodyguard T 999-103 Firmware	-	All	All	All

References

Reference	Source	Link	Tags
BD BodyGuard™ Pumps – RS-232 Interface Vulnerability	MISC	www.bd.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.