Search criteria
2 vulnerabilities found for Pyxis MedStation ES System by Becton, Dickinson and Company (BD)
CVE-2020-10598 (GCVE-0-2020-10598)
Vulnerability from cvelistv5 – Published: 2020-04-01 20:59 – Updated: 2024-08-04 11:06
VLAI?
Summary
In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data.
Severity ?
No CVSS data available.
CWE
- CWE-693 - PROTECTION MECHANISM FAILURE CWE-693
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Becton, Dickinson and Company (BD) | Pyxis MedStation ES System |
Affected:
v1.6.1
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-091-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Pyxis MedStation ES System",
"vendor": "Becton, Dickinson and Company (BD)",
"versions": [
{
"status": "affected",
"version": "v1.6.1"
}
]
},
{
"product": "Pyxis Anesthesia (PAS) ES System",
"vendor": "Becton, Dickinson and Company (BD)",
"versions": [
{
"status": "affected",
"version": "v1.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "PROTECTION MECHANISM FAILURE CWE-693",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-01T20:59:36",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-091-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10598",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Pyxis MedStation ES System",
"version": {
"version_data": [
{
"version_value": "v1.6.1"
}
]
}
},
{
"product_name": "Pyxis Anesthesia (PAS) ES System",
"version": {
"version_data": [
{
"version_value": "v1.6.1"
}
]
}
}
]
},
"vendor_name": "Becton, Dickinson and Company (BD)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "PROTECTION MECHANISM FAILURE CWE-693"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsma-20-091-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-091-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10598",
"datePublished": "2020-04-01T20:59:36",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10598 (GCVE-0-2020-10598)
Vulnerability from nvd – Published: 2020-04-01 20:59 – Updated: 2024-08-04 11:06
VLAI?
Summary
In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data.
Severity ?
No CVSS data available.
CWE
- CWE-693 - PROTECTION MECHANISM FAILURE CWE-693
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Becton, Dickinson and Company (BD) | Pyxis MedStation ES System |
Affected:
v1.6.1
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-091-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Pyxis MedStation ES System",
"vendor": "Becton, Dickinson and Company (BD)",
"versions": [
{
"status": "affected",
"version": "v1.6.1"
}
]
},
{
"product": "Pyxis Anesthesia (PAS) ES System",
"vendor": "Becton, Dickinson and Company (BD)",
"versions": [
{
"status": "affected",
"version": "v1.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "PROTECTION MECHANISM FAILURE CWE-693",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-01T20:59:36",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-091-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10598",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Pyxis MedStation ES System",
"version": {
"version_data": [
{
"version_value": "v1.6.1"
}
]
}
},
{
"product_name": "Pyxis Anesthesia (PAS) ES System",
"version": {
"version_data": [
{
"version_value": "v1.6.1"
}
]
}
}
]
},
"vendor_name": "Becton, Dickinson and Company (BD)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "PROTECTION MECHANISM FAILURE CWE-693"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsma-20-091-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-091-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10598",
"datePublished": "2020-04-01T20:59:36",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}