Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2020-8004
Vulnerability from cvelistv5
Published
2020-04-06 12:44
Modified
2024-08-04 09:48
Severity ?
EPSS score ?
Summary
STMicroelectronics STM32F1 devices have Incorrect Access Control.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://blog.zapb.de/stm32f1-exceptional-failure/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://blog.zapb.de/stm32f1-exceptional-failure/ | Exploit, Third Party Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:48:24.811Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://blog.zapb.de/stm32f1-exceptional-failure/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2020-03-17T00:00:00", "descriptions": [ { "lang": "en", "value": "STMicroelectronics STM32F1 devices have Incorrect Access Control." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-06T12:44:31", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://blog.zapb.de/stm32f1-exceptional-failure/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-8004", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "STMicroelectronics STM32F1 devices have Incorrect Access Control." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.zapb.de/stm32f1-exceptional-failure/", "refsource": "MISC", "url": "https://blog.zapb.de/stm32f1-exceptional-failure/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-8004", "datePublished": "2020-04-06T12:44:31", "dateReserved": "2020-01-27T00:00:00", "dateUpdated": "2024-08-04T09:48:24.811Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2020-8004\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-04-06T13:15:13.050\",\"lastModified\":\"2024-11-21T05:38:11.943\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"STMicroelectronics STM32F1 devices have Incorrect Access Control.\"},{\"lang\":\"es\",\"value\":\"Los dispositivos STMicroelectronics STM32F1, presentan un Control de Acceso Incorrecto.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:st:stm32f1_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB6B07E2-6BF1-4E37-A152-8ED7A07364FA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:st:stm32f1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A67F7A14-232C-422D-8FE6-4A758A669D39\"}]}]}],\"references\":[{\"url\":\"https://blog.zapb.de/stm32f1-exceptional-failure/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://blog.zapb.de/stm32f1-exceptional-failure/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}" } }
gsd-2020-8004
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
STMicroelectronics STM32F1 devices have Incorrect Access Control.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2020-8004", "description": "STMicroelectronics STM32F1 devices have Incorrect Access Control.", "id": "GSD-2020-8004" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2020-8004" ], "details": "STMicroelectronics STM32F1 devices have Incorrect Access Control.", "id": "GSD-2020-8004", "modified": "2023-12-13T01:21:53.737143Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-8004", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "STMicroelectronics STM32F1 devices have Incorrect Access Control." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.zapb.de/stm32f1-exceptional-failure/", "refsource": "MISC", "url": "https://blog.zapb.de/stm32f1-exceptional-failure/" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:st:stm32f1_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:st:stm32f1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-8004" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "STMicroelectronics STM32F1 devices have Incorrect Access Control." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.zapb.de/stm32f1-exceptional-failure/", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://blog.zapb.de/stm32f1-exceptional-failure/" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2021-07-21T11:39Z", "publishedDate": "2020-04-06T13:15Z" } } }
var-202004-1914
Vulnerability from variot
STMicroelectronics STM32F1 devices have Incorrect Access Control. STMicroelectronics STM32F1 The device contains a vulnerability related to information leakage.Information may be obtained. STMicroelectronics STM32F1 is a 32-bit microcontroller based on ARM Cortex M3 from STMicroelectronics (STMicroelectronics). Attackers can use this vulnerability to obtain memory content
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1914", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "stm32f1", "scope": null, "trust": 1.4, "vendor": "stmicroelectronics", "version": null }, { "model": "stm32f1", "scope": "eq", "trust": 1.0, "vendor": "st", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-37914" }, { "db": "JVNDB", "id": "JVNDB-2020-003776" }, { "db": "NVD", "id": "CVE-2020-8004" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:st:stm32f1_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:st:stm32f1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-8004" } ] }, "cve": "CVE-2020-8004", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.0, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2020-003776", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2020-37914", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2020-8004", "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-003776", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-8004", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2020-003776", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-37914", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202004-155", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2020-8004", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-37914" }, { "db": "VULMON", "id": "CVE-2020-8004" }, { "db": "JVNDB", "id": "JVNDB-2020-003776" }, { "db": "NVD", "id": "CVE-2020-8004" }, { "db": "CNNVD", "id": "CNNVD-202004-155" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "STMicroelectronics STM32F1 devices have Incorrect Access Control. STMicroelectronics STM32F1 The device contains a vulnerability related to information leakage.Information may be obtained. STMicroelectronics STM32F1 is a 32-bit microcontroller based on ARM Cortex M3 from STMicroelectronics (STMicroelectronics). Attackers can use this vulnerability to obtain memory content", "sources": [ { "db": "NVD", "id": "CVE-2020-8004" }, { "db": "JVNDB", "id": "JVNDB-2020-003776" }, { "db": "CNVD", "id": "CNVD-2020-37914" }, { "db": "VULMON", "id": "CVE-2020-8004" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-8004", "trust": 3.1 }, { "db": "JVNDB", "id": "JVNDB-2020-003776", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-37914", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202004-155", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2020-8004", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-37914" }, { "db": "VULMON", "id": "CVE-2020-8004" }, { "db": "JVNDB", "id": "JVNDB-2020-003776" }, { "db": "NVD", "id": "CVE-2020-8004" }, { "db": "CNNVD", "id": "CNNVD-202004-155" } ] }, "id": "VAR-202004-1914", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-37914" } ], "trust": 1.35 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-37914" } ] }, "last_update_date": "2023-12-18T13:23:17.473000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "https://www.st.com/content/st_com/en.html" }, { "title": "CVE-2020-8004", "trust": 0.1, "url": "https://github.com/wuxx/cve-2020-8004 " }, { "title": "PoC", "trust": 0.1, "url": "https://github.com/jonathan-elias/poc " }, { "title": "PoC-in-GitHub", "trust": 0.1, "url": "https://github.com/developer3000s/poc-in-github " }, { "title": "CVE-POC", "trust": 0.1, "url": "https://github.com/0xt11/cve-poc " }, { "title": "PoC-in-GitHub", "trust": 0.1, "url": "https://github.com/nomi-sec/poc-in-github " }, { "title": "PoC-in-GitHub", "trust": 0.1, "url": "https://github.com/hectorgie/poc-in-github " } ], "sources": [ { "db": "VULMON", "id": "CVE-2020-8004" }, { "db": "JVNDB", "id": "JVNDB-2020-003776" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-200", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-003776" }, { "db": "NVD", "id": "CVE-2020-8004" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://blog.zapb.de/stm32f1-exceptional-failure/" }, { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-8004" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8004" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://github.com/wuxx/cve-2020-8004" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://github.com/nomi-sec/poc-in-github" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-37914" }, { "db": "VULMON", "id": "CVE-2020-8004" }, { "db": "JVNDB", "id": "JVNDB-2020-003776" }, { "db": "NVD", "id": "CVE-2020-8004" }, { "db": "CNNVD", "id": "CNNVD-202004-155" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-37914" }, { "db": "VULMON", "id": "CVE-2020-8004" }, { "db": "JVNDB", "id": "JVNDB-2020-003776" }, { "db": "NVD", "id": "CVE-2020-8004" }, { "db": "CNNVD", "id": "CNNVD-202004-155" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-07-09T00:00:00", "db": "CNVD", "id": "CNVD-2020-37914" }, { "date": "2020-04-06T00:00:00", "db": "VULMON", "id": "CVE-2020-8004" }, { "date": "2020-04-24T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-003776" }, { "date": "2020-04-06T13:15:13.050000", "db": "NVD", "id": "CVE-2020-8004" }, { "date": "2020-04-06T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-155" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-07-09T00:00:00", "db": "CNVD", "id": "CNVD-2020-37914" }, { "date": "2021-07-21T00:00:00", "db": "VULMON", "id": "CVE-2020-8004" }, { "date": "2020-04-24T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-003776" }, { "date": "2021-07-21T11:39:23.747000", "db": "NVD", "id": "CVE-2020-8004" }, { "date": "2020-04-07T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-155" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-155" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "STMicroelectronics STM32F1 Information Disclosure Vulnerability", "sources": [ { "db": "CNVD", "id": "CNVD-2020-37914" }, { "db": "CNNVD", "id": "CNNVD-202004-155" } ], "trust": 1.2 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-155" } ], "trust": 0.6 } }
ghsa-2hfw-c599-2pww
Vulnerability from github
Published
2022-05-24 17:13
Modified
2022-05-24 17:13
Details
STMicroelectronics STM32F1 devices have Incorrect Access Control.
{ "affected": [], "aliases": [ "CVE-2020-8004" ], "database_specific": { "cwe_ids": [ "CWE-200" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2020-04-06T13:15:00Z", "severity": "MODERATE" }, "details": "STMicroelectronics STM32F1 devices have Incorrect Access Control.", "id": "GHSA-2hfw-c599-2pww", "modified": "2022-05-24T17:13:25Z", "published": "2022-05-24T17:13:25Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8004" }, { "type": "WEB", "url": "https://blog.zapb.de/stm32f1-exceptional-failure" } ], "schema_version": "1.4.0", "severity": [] }
icsma-24-319-01
Vulnerability from csaf_cisa
Published
2024-11-14 07:00
Modified
2024-11-14 07:00
Summary
Baxter Life2000 Ventilation System
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could lead to information disclosure and/or disruption of the device's function without detection.
Critical infrastructure sectors
Healthcare and Public Health
Countries/areas deployed
United States
Company headquarters location
United States
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
{ "document": { "acknowledgments": [ { "names": [ "Baxter" ], "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could lead to information disclosure and/or disruption of the device\u0027s function without detection.", "title": "Risk evaluation" }, { "category": "other", "text": "Healthcare and Public Health", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "United States", "title": "Countries/areas deployed" }, { "category": "other", "text": "United States", "title": "Company headquarters location" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSMA-24-319-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsma-24-319-01.json" }, { "category": "self", "summary": "ICSA Advisory ICSMA-24-319-01 - Web Version", "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-319-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" } ], "title": "Baxter Life2000 Ventilation System", "tracking": { "current_release_date": "2024-11-14T07:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSMA-24-319-01", "initial_release_date": "2024-11-14T07:00:00.000000Z", "revision_history": [ { "date": "2024-11-14T07:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c=06.08.00.00", "product": { "name": "Baxter Life2000 Ventilation System: \u003c=06.08.00.00", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "Life2000 Ventilation System" } ], "category": "vendor", "name": "Baxter" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-9834", "cwe": { "id": "CWE-319", "name": "Cleartext Transmission of Sensitive Information" }, "notes": [ { "category": "summary", "text": "Improper data protection on the ventilator\u0027s serial interface could allow an attacker to send and receive messages that result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-9834" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-9832", "cwe": { "id": "CWE-307", "name": "Improper Restriction of Excessive Authentication Attempts" }, "notes": [ { "category": "summary", "text": "There is no limit on the number of failed login attempts permitted with the Clinician Password or the Serial Number Clinician Password. An attacker could execute a brute-force attack to gain unauthorized access to the ventilator, and then make changes to device settings that could disrupt the function of the device and/or result in unauthorized information disclosure..", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-9832" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48971", "cwe": { "id": "CWE-798", "name": "Use of Hard-coded Credentials" }, "notes": [ { "category": "summary", "text": "The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in plaintext form. This could allow an attacker to obtain the password off the ventilator and use it to gain unauthorized access to the device, with clinician privileges.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48971" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48973", "cwe": { "id": "CWE-1263", "name": "Improper Physical Access Control" }, "notes": [ { "category": "summary", "text": "The debug port on the ventilator\u0027s serial interface is enabled by default. This could allow an attacker to send and receive messages over the debug port (which are unencrypted; see 3.2.1) that result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48973" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48974", "cwe": { "id": "CWE-494", "name": "Download of Code Without Integrity Check" }, "notes": [ { "category": "summary", "text": "The ventilator does not perform proper file integrity checks when adopting firmware updates. This makes it possible for an attacker to force unauthorized changes to the device\u0027s configuration settings and/or compromise device functionality by pushing a compromised/illegitimate firmware file. This could disrupt the function of the device and/or cause unauthorized information disclosure.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48974" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48970", "cwe": { "id": "CWE-1191", "name": "On-Chip Debug and Test Interface With Improper Access Control" }, "notes": [ { "category": "summary", "text": "The ventilator\u0027s microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48970" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-8004", "cwe": { "id": "CWE-1318", "name": "Missing Support for Security Features in On-chip Fabrics or Buses" }, "notes": [ { "category": "summary", "text": "The flash memory read-out protection feature on the microcontroller does not block memory access via the ICode bus. Attackers can exploit this in conjunction with certain CPU exception handling behaviors to gain knowledge of how the onboard flash memory is organized and ultimately bypass read-out protection to expose memory contents.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8004" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48966", "cwe": { "id": "CWE-306", "name": "Missing Authentication for Critical Function" }, "notes": [ { "category": "summary", "text": "The software tools used by service personnel to test \u0026 calibrate the ventilator do not support user authentication. An attacker with access to the Service PC where the tools are installed could obtain diagnostic information through the test tool or manipulate the ventilator\u0027s settings and embedded software via the calibration tool, without having to authenticate to either tool. This could result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48966" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 10.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48967", "cwe": { "id": "CWE-778", "name": "Insufficient Logging" }, "notes": [ { "category": "summary", "text": "The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detection of malicious activity and subsequent forensic examination. An attacker with access to the ventilator and/or the Service PC could, without detection, make unauthorized changes to ventilator settings that result in unauthorized disclosure of information and/or have unintended impacts on device performance.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48967" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 10.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] } ] }
ICSMA-24-319-01
Vulnerability from csaf_cisa
Published
2024-11-14 07:00
Modified
2024-11-14 07:00
Summary
Baxter Life2000 Ventilation System
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could lead to information disclosure and/or disruption of the device's function without detection.
Critical infrastructure sectors
Healthcare and Public Health
Countries/areas deployed
United States
Company headquarters location
United States
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
{ "document": { "acknowledgments": [ { "names": [ "Baxter" ], "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could lead to information disclosure and/or disruption of the device\u0027s function without detection.", "title": "Risk evaluation" }, { "category": "other", "text": "Healthcare and Public Health", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "United States", "title": "Countries/areas deployed" }, { "category": "other", "text": "United States", "title": "Company headquarters location" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSMA-24-319-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsma-24-319-01.json" }, { "category": "self", "summary": "ICSA Advisory ICSMA-24-319-01 - Web Version", "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-319-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" } ], "title": "Baxter Life2000 Ventilation System", "tracking": { "current_release_date": "2024-11-14T07:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSMA-24-319-01", "initial_release_date": "2024-11-14T07:00:00.000000Z", "revision_history": [ { "date": "2024-11-14T07:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c=06.08.00.00", "product": { "name": "Baxter Life2000 Ventilation System: \u003c=06.08.00.00", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "Life2000 Ventilation System" } ], "category": "vendor", "name": "Baxter" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-9834", "cwe": { "id": "CWE-319", "name": "Cleartext Transmission of Sensitive Information" }, "notes": [ { "category": "summary", "text": "Improper data protection on the ventilator\u0027s serial interface could allow an attacker to send and receive messages that result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-9834" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-9832", "cwe": { "id": "CWE-307", "name": "Improper Restriction of Excessive Authentication Attempts" }, "notes": [ { "category": "summary", "text": "There is no limit on the number of failed login attempts permitted with the Clinician Password or the Serial Number Clinician Password. An attacker could execute a brute-force attack to gain unauthorized access to the ventilator, and then make changes to device settings that could disrupt the function of the device and/or result in unauthorized information disclosure..", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-9832" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48971", "cwe": { "id": "CWE-798", "name": "Use of Hard-coded Credentials" }, "notes": [ { "category": "summary", "text": "The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in plaintext form. This could allow an attacker to obtain the password off the ventilator and use it to gain unauthorized access to the device, with clinician privileges.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48971" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48973", "cwe": { "id": "CWE-1263", "name": "Improper Physical Access Control" }, "notes": [ { "category": "summary", "text": "The debug port on the ventilator\u0027s serial interface is enabled by default. This could allow an attacker to send and receive messages over the debug port (which are unencrypted; see 3.2.1) that result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48973" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48974", "cwe": { "id": "CWE-494", "name": "Download of Code Without Integrity Check" }, "notes": [ { "category": "summary", "text": "The ventilator does not perform proper file integrity checks when adopting firmware updates. This makes it possible for an attacker to force unauthorized changes to the device\u0027s configuration settings and/or compromise device functionality by pushing a compromised/illegitimate firmware file. This could disrupt the function of the device and/or cause unauthorized information disclosure.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48974" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48970", "cwe": { "id": "CWE-1191", "name": "On-Chip Debug and Test Interface With Improper Access Control" }, "notes": [ { "category": "summary", "text": "The ventilator\u0027s microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48970" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-8004", "cwe": { "id": "CWE-1318", "name": "Missing Support for Security Features in On-chip Fabrics or Buses" }, "notes": [ { "category": "summary", "text": "The flash memory read-out protection feature on the microcontroller does not block memory access via the ICode bus. Attackers can exploit this in conjunction with certain CPU exception handling behaviors to gain knowledge of how the onboard flash memory is organized and ultimately bypass read-out protection to expose memory contents.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8004" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48966", "cwe": { "id": "CWE-306", "name": "Missing Authentication for Critical Function" }, "notes": [ { "category": "summary", "text": "The software tools used by service personnel to test \u0026 calibrate the ventilator do not support user authentication. An attacker with access to the Service PC where the tools are installed could obtain diagnostic information through the test tool or manipulate the ventilator\u0027s settings and embedded software via the calibration tool, without having to authenticate to either tool. This could result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48966" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 10.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2024-48967", "cwe": { "id": "CWE-778", "name": "Insufficient Logging" }, "notes": [ { "category": "summary", "text": "The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detection of malicious activity and subsequent forensic examination. An attacker with access to the ventilator and/or the Service PC could, without detection, make unauthorized changes to ventilator settings that result in unauthorized disclosure of information and/or have unintended impacts on device performance.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48967" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" } ], "remediations": [ { "category": "mitigation", "details": "Baxter plans to issue a follow-up announcement in Q2 2025 regarding the Life2000 vulnerabilities described in this disclosure.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Baxter is unaware of any exploitation of these vulnerabilities and/or the compromise of personal or health data.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "Baxter recommends that users of the Life2000 Ventilation System not leave their ventilators unattended in public or unsecured areas. Maintaining physical possession and control of the ventilator reduces the likelihood of a malicious actor gaining access to the device.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, refer to Baxter\u0027s Product Security and Responsible Disclosures web page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.baxter.com/product-security" } ], "scores": [ { "cvss_v3": { "baseScore": 10.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.