Known Vulnerabilities for products from Baxter
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Baxter".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Baxter can be found at device.report : Baxter
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-26394 json | The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host. This may allow an attacker to pe... | 5.4 - MEDIUM | 2022-09-09 | 2022-09-16 |
| CVE-2022-26393 json | The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read... | 8.1 - HIGH | 2022-09-09 | 2022-09-15 |
| CVE-2022-26392 json | The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32) when in superuser mode is susce... | 6.5 - MEDIUM | 2022-09-09 | 2022-09-15 |
| CVE-2022-26390 json | The Baxter Spectrum Wireless Battery Module (WBM) stores network credentials and PHI (only applicable to Spectrum IQ pumps us... | 4.2 - MEDIUM | 2022-09-09 | 2023-07-11 |
| CVE-2021-43935 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2021-12-15 | 2022-07-25 |
| CVE-2020-12048 json | Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encry... | 7.5 - HIGH | 2020-06-29 | 2020-07-16 |
| CVE-2020-12047 json | The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24), when used with a Baxter Spectrum v8.x (model 35700BAX2) in... | 9.8 - CRITICAL | 2020-06-29 | 2020-07-08 |
| CVE-2020-12045 json | The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when used in conjunction with a Baxter Spectrum v8.x (model... | 9.8 - CRITICAL | 2020-06-29 | 2020-07-08 |
| CVE-2020-12043 json | The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when configured for wireless networking the FTP service ope... | 9.8 - CRITICAL | 2020-06-29 | 2020-07-08 |
| CVE-2020-12041 json | The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive d... | 9.4 - CRITICAL | 2020-06-29 | 2020-07-08 |
| CVE-2020-12040 json | Sigma Spectrum Infusion System v's6.x (model 35700BAX) and Baxter Spectrum Infusion System Version(s) 8.x (model 35700BAX2) a... | 9.8 - CRITICAL | 2020-06-29 | 2020-07-09 |
| CVE-2020-12039 json | Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v... | 2.4 - LOW | 2020-06-29 | 2020-07-09 |
| CVE-2020-12037 json | Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encr... | 7.5 - HIGH | 2020-06-29 | 2020-07-14 |
| CVE-2020-12036 json | Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encr... | 7.5 - HIGH | 2020-06-29 | 2020-07-14 |
| CVE-2020-12035 json | Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The PrismaFlex device contains a hard-coded service passwo... | 4.9 - MEDIUM | 2020-06-29 | 2020-07-14 |
| CVE-2020-12032 json | Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive ... | 9.1 - CRITICAL | 2020-06-29 | 2021-11-04 |
| CVE-2020-12024 json | Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 does not restric... | 6.1 - MEDIUM | 2020-06-29 | 2021-11-04 |
| CVE-2020-12020 json | Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13 and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 does not restrict non ... | 6.1 - MEDIUM | 2020-06-29 | 2020-07-08 |
| CVE-2020-12016 json | Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1,... | 9.8 - CRITICAL | 2020-06-29 | 2020-07-08 |
| CVE-2020-12012 json | Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1,... | 6.1 - MEDIUM | 2020-06-29 | 2020-07-07 |
Known software with vulnerabilities from Baxter
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Baxter | Em1200 | - |
| Operating System | Baxter | Em1200 Firmware | 1.1 |
| Hardware | Baxter | Em2400 | - |
| Operating System | Baxter | Em2400 Firmware | 1.10 |
| Hardware | Baxter | Phoenix X36 | - |
| Operating System | Baxter | Phoenix X36 Firmware | 3.36 |
| Hardware | Baxter | Prismaflex | - |
| Operating System | Baxter | Prismaflex Firmware | - |
| Hardware | Baxter | Prismax | - |
| Operating System | Baxter | Prismax Firmware | - |
| Operating System | Baxter | Sigma Spectrum Infusion System Firmware | 6.0 |
| Hardware | Baxter | Wireless Battery Module | 17 |