Known Vulnerabilities for products from Baxter

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Baxter".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Additional devices specifications by Baxter can be found at device.report : Baxter

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-26394 The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host. This may allow an attacker to pe... 5.4 - MEDIUM 2022-09-09 2022-09-16
CVE-2022-26393 The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read... 8.1 - HIGH 2022-09-09 2022-09-15
CVE-2022-26392 The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32) when in superuser mode is susce... 6.5 - MEDIUM 2022-09-09 2022-09-15
CVE-2022-26390 The Baxter Spectrum Wireless Battery Module (WBM) stores network credentials and PHI (only applicable to Spectrum IQ pumps us... 4.2 - MEDIUM 2022-09-09 2023-07-11
CVE-2021-43935 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 9.8 - CRITICAL 2021-12-15 2022-07-25
CVE-2020-12048 Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encry... 7.5 - HIGH 2020-06-29 2020-07-16
CVE-2020-12047 The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24), when used with a Baxter Spectrum v8.x (model 35700BAX2) in... 9.8 - CRITICAL 2020-06-29 2020-07-08
CVE-2020-12045 The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when used in conjunction with a Baxter Spectrum v8.x (model... 9.8 - CRITICAL 2020-06-29 2020-07-08
CVE-2020-12043 The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when configured for wireless networking the FTP service ope... 9.8 - CRITICAL 2020-06-29 2020-07-08
CVE-2020-12041 The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive d... 9.4 - CRITICAL 2020-06-29 2020-07-08
CVE-2020-12040 Sigma Spectrum Infusion System v's6.x (model 35700BAX) and Baxter Spectrum Infusion System Version(s) 8.x (model 35700BAX2) a... 9.8 - CRITICAL 2020-06-29 2020-07-09
CVE-2020-12039 Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v... 2.4 - LOW 2020-06-29 2020-07-09
CVE-2020-12037 Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encr... 7.5 - HIGH 2020-06-29 2020-07-14
CVE-2020-12036 Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encr... 7.5 - HIGH 2020-06-29 2020-07-14
CVE-2020-12035 Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The PrismaFlex device contains a hard-coded service passwo... 4.9 - MEDIUM 2020-06-29 2020-07-14
CVE-2020-12032 Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive ... 9.1 - CRITICAL 2020-06-29 2021-11-04
CVE-2020-12024 Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 does not restric... 6.1 - MEDIUM 2020-06-29 2021-11-04
CVE-2020-12020 Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13 and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 does not restrict non ... 6.1 - MEDIUM 2020-06-29 2020-07-08
CVE-2020-12016 Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1,... 9.8 - CRITICAL 2020-06-29 2020-07-08
CVE-2020-12012 Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1,... 6.1 - MEDIUM 2020-06-29 2020-07-07
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Baxter

Type Vendor Product Version
HardwareBaxterEm1200-
Operating
System		BaxterEm1200 Firmware1.1
HardwareBaxterEm2400-
Operating
System		BaxterEm2400 Firmware1.10
HardwareBaxterPhoenix X36-
Operating
System		BaxterPhoenix X36 Firmware3.36
HardwareBaxterPrismaflex-
Operating
System		BaxterPrismaflex Firmware-
HardwareBaxterPrismax-
Operating
System		BaxterPrismax Firmware-
Operating
System		BaxterSigma Spectrum Infusion System Firmware6.0
HardwareBaxterWireless Battery Module17