cvelistv5 - cve-2021-44464

CVE-2021-44464 (GCVE-0-2021-44464)

Vulnerability from cvelistv5 – Published: 2022-01-21 18:17 – Updated: 2025-04-16 16:47

Summary

Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.

Severity ?

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-798 - Use of Hard-coded Credentials

Assigner

icscert

References

URL

Tags

https://www.cisa.gov/uscert/ics/advisories/icsma-…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Fresenius Kabi	Vigilant Software Suite (Mastermed Dashboard)	Affected: unspecified , < 2.0.1.3 (custom)

Credits

Julian Suleder (ERNW Research GmbH), Nils Emmerich (ERNW Research GmbH), Raphael Pavlidis (ERNW Research GmbH), and Dr. Oliver Matula (ERNW Enno Rey Netzwerke GmbH) reported these vulnerabilities to the German Federal Office for Information Security (BSI) in the context of the BSI project ManiMed (Medical Device Manipulation Project).

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:25:16.824Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-44464",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T15:56:40.775925Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T16:47:01.630Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Vigilant Software Suite (Mastermed Dashboard)",
          "vendor": "Fresenius Kabi",
          "versions": [
            {
              "lessThan": "2.0.1.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Julian Suleder (ERNW Research GmbH), Nils Emmerich (ERNW Research GmbH), Raphael Pavlidis (ERNW Research GmbH), and Dr. Oliver Matula (ERNW Enno Rey Netzwerke GmbH) reported these vulnerabilities to the German Federal Office for Information Security (BSI) in the context of the BSI project ManiMed (Medical Device Manipulation Project)."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-21T18:17:42.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Fresenius Kabi has created new versions to address these vulnerabilities:\n\u2022\tLink+ v3.0 (D16 or later)\n\u2022\tVSS v1.0.3 (or later)\n\u2022\tAgilia Connect Pumps Wifi Module (D29 or later)\n\u2022\tAgilia Connect Partner v3.3.2 (or later) \nFresenius Kabi has initiated communication on this topic in April 2021 with customers to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more information on updating to the newest version.\nFresenius Kabi also identified that early Link+ devices (approximatively 1200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in customers\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendation. \n"
        }
      ],
      "source": {
        "advisory": "ICSMA-21-355-01",
        "discovery": "EXTERNAL"
      },
      "title": "Fresenius Kabi Agilia Connect Infusion System hard coded credentials",
      "workarounds": [
        {
          "lang": "en",
          "value": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\u2022\tMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.\n\u2022\tLocate control system networks and remote devices behind firewalls and isolate them from the business network.\n\u2022\tWhen remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2021-44464",
          "STATE": "PUBLIC",
          "TITLE": "Fresenius Kabi Agilia Connect Infusion System hard coded credentials"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Vigilant Software Suite (Mastermed Dashboard)",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "2.0.1.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Fresenius Kabi"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Julian Suleder (ERNW Research GmbH), Nils Emmerich (ERNW Research GmbH), Raphael Pavlidis (ERNW Research GmbH), and Dr. Oliver Matula (ERNW Enno Rey Netzwerke GmbH) reported these vulnerabilities to the German Federal Office for Information Security (BSI) in the context of the BSI project ManiMed (Medical Device Manipulation Project)."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-798 Use of Hard-coded Credentials"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01",
              "refsource": "MISC",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Fresenius Kabi has created new versions to address these vulnerabilities:\n\u2022\tLink+ v3.0 (D16 or later)\n\u2022\tVSS v1.0.3 (or later)\n\u2022\tAgilia Connect Pumps Wifi Module (D29 or later)\n\u2022\tAgilia Connect Partner v3.3.2 (or later) \nFresenius Kabi has initiated communication on this topic in April 2021 with customers to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more information on updating to the newest version.\nFresenius Kabi also identified that early Link+ devices (approximatively 1200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in customers\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendation. \n"
          }
        ],
        "source": {
          "advisory": "ICSMA-21-355-01",
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\u2022\tMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.\n\u2022\tLocate control system networks and remote devices behind firewalls and isolate them from the business network.\n\u2022\tWhen remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\n"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2021-44464",
    "datePublished": "2022-01-21T18:17:42.000Z",
    "dateReserved": "2021-11-30T00:00:00.000Z",
    "dateUpdated": "2025-04-16T16:47:01.630Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fresenius-kabi:agilia_connect_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"d25\", \"matchCriteriaId\": \"8B4979F9-A7D5-4B5C-8FF2-C3C67773EE03\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:fresenius-kabi:agilia_connect:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1BBB63E-7E43-4BC1-A08F-4F1F811F839B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:fresenius-kabi:agilia_partner_maintenance_software:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.3.0\", \"matchCriteriaId\": \"3B072164-6AA2-4A14-B7D7-10B4B953004D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:fresenius-kabi:vigilant_centerium:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C47210A7-4753-4ED7-8E6B-9BE8EBFABC9F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:fresenius-kabi:vigilant_insight:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C91B931-F726-4AB2-B3A6-D92F774CF04D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:fresenius-kabi:vigilant_mastermed:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04AC7167-F5C8-46A2-B937-953E13D76A32\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fresenius-kabi:link\\\\+_agilia_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.0\", \"matchCriteriaId\": \"45FA28DE-939F-4146-A6E2-CE8849C9CB16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fresenius-kabi:link\\\\+_agilia_firmware:3.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D5FC3D0-9593-487B-B70A-F8BBCA8A18FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fresenius-kabi:link\\\\+_agilia_firmware:3.0:d15:*:*:*:*:*:*\", \"matchCriteriaId\": \"67E88F2E-C12B-4B50-B087-3247F4748AF3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:fresenius-kabi:link\\\\+_agilia:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1548AA3F-659F-43C3-9261-C7FD55465877\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.\"}, {\"lang\": \"es\", \"value\": \"Vigilant Software Suite (Mastermed Dashboard) versi\\u00f3n 2.0.1.3, contiene credenciales de servicio que probablemente sean comunes en todas las instancias. Un atacante en posesi\\u00f3n de la contrase\\u00f1a puede alcanzar privilegios en todas las instalaciones de este software\"}]",
      "id": "CVE-2021-44464",
      "lastModified": "2024-11-21T06:31:01.760",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"baseScore\": 6.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-01-21T19:15:09.403",
      "references": "[{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-798\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-798\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-44464\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2022-01-21T19:15:09.403\",\"lastModified\":\"2024-11-21T06:31:01.760\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.\"},{\"lang\":\"es\",\"value\":\"Vigilant Software Suite (Mastermed Dashboard) versi\u00f3n 2.0.1.3, contiene credenciales de servicio que probablemente sean comunes en todas las instancias. Un atacante en posesi\u00f3n de la contrase\u00f1a puede alcanzar privilegios en todas las instalaciones de este software\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fresenius-kabi:agilia_connect_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"d25\",\"matchCriteriaId\":\"8B4979F9-A7D5-4B5C-8FF2-C3C67773EE03\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fresenius-kabi:agilia_connect:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1BBB63E-7E43-4BC1-A08F-4F1F811F839B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fresenius-kabi:agilia_partner_maintenance_software:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.3.0\",\"matchCriteriaId\":\"3B072164-6AA2-4A14-B7D7-10B4B953004D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fresenius-kabi:vigilant_centerium:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C47210A7-4753-4ED7-8E6B-9BE8EBFABC9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fresenius-kabi:vigilant_insight:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C91B931-F726-4AB2-B3A6-D92F774CF04D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fresenius-kabi:vigilant_mastermed:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04AC7167-F5C8-46A2-B937-953E13D76A32\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fresenius-kabi:link\\\\+_agilia_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"45FA28DE-939F-4146-A6E2-CE8849C9CB16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fresenius-kabi:link\\\\+_agilia_firmware:3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D5FC3D0-9593-487B-B70A-F8BBCA8A18FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fresenius-kabi:link\\\\+_agilia_firmware:3.0:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"67E88F2E-C12B-4B50-B087-3247F4748AF3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fresenius-kabi:link\\\\+_agilia:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1548AA3F-659F-43C3-9261-C7FD55465877\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T04:25:16.824Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-44464\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-16T15:56:40.775925Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-16T15:56:43.163Z\"}}], \"cna\": {\"title\": \"Fresenius Kabi Agilia Connect Infusion System hard coded credentials\", \"source\": {\"advisory\": \"ICSMA-21-355-01\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Julian Suleder (ERNW Research GmbH), Nils Emmerich (ERNW Research GmbH), Raphael Pavlidis (ERNW Research GmbH), and Dr. Oliver Matula (ERNW Enno Rey Netzwerke GmbH) reported these vulnerabilities to the German Federal Office for Information Security (BSI) in the context of the BSI project ManiMed (Medical Device Manipulation Project).\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Fresenius Kabi\", \"product\": \"Vigilant Software Suite (Mastermed Dashboard)\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"2.0.1.3\", \"versionType\": \"custom\"}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Fresenius Kabi has created new versions to address these vulnerabilities:\\n\\u2022\\tLink+ v3.0 (D16 or later)\\n\\u2022\\tVSS v1.0.3 (or later)\\n\\u2022\\tAgilia Connect Pumps Wifi Module (D29 or later)\\n\\u2022\\tAgilia Connect Partner v3.3.2 (or later) \\nFresenius Kabi has initiated communication on this topic in April 2021 with customers to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more information on updating to the newest version.\\nFresenius Kabi also identified that early Link+ devices (approximatively 1200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in customers\\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendation. \\n\"}], \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01\", \"tags\": [\"x_refsource_MISC\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\\n\\u2022\\tMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.\\n\\u2022\\tLocate control system networks and remote devices behind firewalls and isolate them from the business network.\\n\\u2022\\tWhen remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\\n\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-798\", \"description\": \"CWE-798 Use of Hard-coded Credentials\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2022-01-21T18:17:42.000Z\"}, \"x_legacyV4Record\": {\"credit\": [{\"lang\": \"eng\", \"value\": \"Julian Suleder (ERNW Research GmbH), Nils Emmerich (ERNW Research GmbH), Raphael Pavlidis (ERNW Research GmbH), and Dr. Oliver Matula (ERNW Enno Rey Netzwerke GmbH) reported these vulnerabilities to the German Federal Office for Information Security (BSI) in the context of the BSI project ManiMed (Medical Device Manipulation Project).\"}], \"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}, \"source\": {\"advisory\": \"ICSMA-21-355-01\", \"discovery\": \"EXTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"2.0.1.3\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"Vigilant Software Suite (Mastermed Dashboard)\"}]}, \"vendor_name\": \"Fresenius Kabi\"}]}}, \"solution\": [{\"lang\": \"en\", \"value\": \"Fresenius Kabi has created new versions to address these vulnerabilities:\\n\\u2022\\tLink+ v3.0 (D16 or later)\\n\\u2022\\tVSS v1.0.3 (or later)\\n\\u2022\\tAgilia Connect Pumps Wifi Module (D29 or later)\\n\\u2022\\tAgilia Connect Partner v3.3.2 (or later) \\nFresenius Kabi has initiated communication on this topic in April 2021 with customers to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more information on updating to the newest version.\\nFresenius Kabi also identified that early Link+ devices (approximatively 1200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in customers\\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendation. \\n\"}], \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"references\": {\"reference_data\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01\", \"name\": \"https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-798 Use of Hard-coded Credentials\"}]}]}, \"work_around\": [{\"lang\": \"en\", \"value\": \"CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\\n\\u2022\\tMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.\\n\\u2022\\tLocate control system networks and remote devices behind firewalls and isolate them from the business network.\\n\\u2022\\tWhen remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\\n\"}], \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2021-44464\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Fresenius Kabi Agilia Connect Infusion System hard coded credentials\", \"ASSIGNER\": \"ics-cert@hq.dhs.gov\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-44464\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-16T16:47:01.630Z\", \"dateReserved\": \"2021-11-30T00:00:00.000Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2022-01-21T18:17:42.000Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

ICSMA-21-355-01

Vulnerability from csaf_cisa - Published: 2021-12-21 00:00 - Updated: 2022-01-27 00:00

Summary

Fresenius Kabi Agilia Connect Infusion System (Update A)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities in system accessories could allow an attacker to gain access to sensitive information, modify settings or parameters, or perform arbitrary actions as an authenticated user.

Critical infrastructure sectors

Healthcare and Public Health

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users ' installation, Fresenius Kabi recommends users to rely on CISA recommendations below.

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Recommended Practices

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Julian Suleder",
          "Nils Emmerich",
          "Raphael Pavlidis"
        ],
        "organization": "ERNW Research GmbH",
        "summary": "reporting these vulnerabilities to the German Federal Office for Information Security (BSI) in the context of the BSI ManiMed project"
      },
      {
        "names": [
          "Dr. Oliver Matula"
        ],
        "organization": "ERNW Enno Rey Netzwerke GmbH",
        "summary": "reporting these vulnerabilities to the German Federal Office for Information Security (BSI) in the context of the BSI ManiMed project"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities in system accessories could allow an attacker to gain access to sensitive information, modify settings or parameters, or perform arbitrary actions as an authenticated user.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Healthcare and Public Health",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users \u0027 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSMA-21-355-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsma-21-355-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSMA-21-355-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-21-355-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams_0905.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Fresenius Kabi Agilia Connect Infusion System (Update A)",
    "tracking": {
      "current_release_date": "2022-01-27T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSMA-21-355-01",
      "initial_release_date": "2021-12-21T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2021-12-21T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSMA-21-355-01 Fresenius Kabi Agilia Connect Infusion System"
        },
        {
          "date": "2022-01-27T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSMA-21-355-01 Fresenius Kabi Agilia Connect Infusion System (Update A)"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= D25",
                "product": {
                  "name": "Agilia Connect WiFi module of the pumps: vD25 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Agilia Connect WiFi module of the pumps"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 3.3.0",
                "product": {
                  "name": "Agilia Partner maintenance software: v3.3.0 and prior",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Agilia Partner maintenance software"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 3.0 D15",
                "product": {
                  "name": "Agilia Link+: v3.0 D15 and prior",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "Agilia Link+"
          }
        ],
        "category": "vendor",
        "name": "Fresenius Kabi"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-23236",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Requests may be used to interrupt the normal operation of the device. When exploited, Agilia Link+ must be rebooted via a hard reset triggered by pressing a button on the rack system.CVE-2021-23236 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23236"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-31562",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The SSL/TLS configuration of Agilia Link+ has serious deficiencies that may allow an attacker to compromise SSL/TLS sessions in different ways. An attacker may be able to eavesdrop on transferred data, manipulate data allegedly secured by SSL/TLS, and impersonate an entity to gain access to sensitive information.CVE-2021-31562 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31562"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-41835",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Agilia Link+ management interface does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port TCP/80 to the encrypted service.CVE-2021-41835 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41835"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-23196",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The web application on Agilia Link+ implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently.CVE-2021-23196 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23196"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-23233",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Sensitive endpoints can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions on Agilia Link+ or modify critical configuration parameters.CVE-2021-23233 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23233"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-23207",
      "cwe": {
        "id": "CWE-256",
        "name": "Plaintext Storage of a Password"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker with physical access to the host can extract the secrets from the registry and create valid JWT tokens for the Fresenius Kabi Vigilant MasterMed application and impersonate arbitrary users. An attacker could manipulate RabbitMQ queues and messages by impersonating users.CVE-2021-23207 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23207"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-33843",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Agilia SP MC WiFi has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values such as network settings.CVE-2021-33843 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33843"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-23195",
      "cwe": {
        "id": "CWE-548",
        "name": "Exposure of Information Through Directory Listing"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Vigilant API has the option for automated indexing (directory listing) activated. When accessing a directory, a web server delivers its entire content in HTML form. If an index file does not exist and directory listing is enabled, all content of the directory will be displayed, allowing an attacker to identify and access files on the server.CVE-2021-23195 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23195"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-33848",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Vigilant Centerium Dashboard is vulnerable to reflected cross-site scripting attacks. An attacker could inject JavaScript in a GET parameter of HTTP requests and perform unauthorized actions such as stealing internal information and performing actions in context of an authenticated user.CVE-2021-33848 has been assigned to this vulnerability. A CVSS v3 base score of 5.4 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33848"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-44464",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Vigilant MasterMed application contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.CVE-2021-44464 has been assigned to this vulnerability. A CVSS v3 base score of 6.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44464"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-33846",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Vigilant MasterMed application issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in possession of the key can issue valid JWTs and impersonate arbitrary users.CVE-2021-33846 has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33846"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-43355",
      "cwe": {
        "id": "CWE-603",
        "name": "Use of Client-Side Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Vigilant MasterMed application allows user input to be validated on the client side without authentication by the server. The server should not rely on the correctness of the data because users might not support or block JavaScript or intentionally bypass the client-side checks. An attacker with knowledge of the service user could circumvent the client-side control and login with service privileges.CVE-2021-43355 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43355"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-35340",
      "cwe": {
        "id": "CWE-1104",
        "name": "Use of Unmaintained Third Party Components"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected system is using ExpertPdf library and lighttpd web server, which are both out of date. Outdated software may contain vulnerabilities not publicly known but may be reverse engineered by an attacker.CVE-2020-35340 has been assigned to one of the publicly known vulnerabilities in ExpertPdf library. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35340"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Link+ v3.0 (D16 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: VSS v1.0.3 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Pumps Wifi Module (D29 or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has created new versions to address these vulnerabilities: Agilia Connect Partner v3.3.2 (or later)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi has initiated communication on this topic in April 2021 with users to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more update information.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://www.fresenius-kabi.com/us/contact"
        },
        {
          "category": "mitigation",
          "details": "Fresenius Kabi also identified that early Link+ devices (approximatively 1,200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in users\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendations below.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    }
  ]
}

CNVD-2022-07624

Vulnerability from cnvd - Published: 2022-01-30

Title

Fresenius Kabi Agilia Connect Infusion System信任管理问题漏洞

Description

Fresenius Kabi Agilia Connect Infusion System是德国Fresenius Kabi公司的一个输液系统。 Fresenius Kabi Agilia Connect Infusion System存在信任管理问题漏洞，攻击者可利用该漏洞获取该软件所有安装的特权。

Severity

中

Patch Name

Fresenius Kabi Agilia Connect Infusion System信任管理问题漏洞的补丁

Patch Description

Fresenius Kabi Agilia Connect Infusion System是德国Fresenius Kabi公司的一个输液系统。 Fresenius Kabi Agilia Connect Infusion System存在信任管理问题漏洞，攻击者可利用该漏洞获取该软件所有安装的特权。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.fresenius-kabi.com/

Reference

https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01

Impacted products

Name
['Fresenius Kabi Agilia Connect WiFi module <=vD25', 'Fresenius Kabi Agilia Link+ <=3.0 D15', 'Fresenius Kabi Vigilant Software Suite 1.0', 'Fresenius Kabi Agilia Partner maintenance software <=3.3.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-44464"
    }
  },
  "description": "Fresenius Kabi Agilia Connect Infusion System\u662f\u5fb7\u56fdFresenius Kabi\u516c\u53f8\u7684\u4e00\u4e2a\u8f93\u6db2\u7cfb\u7edf\u3002\n\nFresenius Kabi Agilia Connect Infusion System\u5b58\u5728\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u8be5\u8f6f\u4ef6\u6240\u6709\u5b89\u88c5\u7684\u7279\u6743\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.fresenius-kabi.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-07624",
  "openTime": "2022-01-30",
  "patchDescription": "Fresenius Kabi Agilia Connect Infusion System\u662f\u5fb7\u56fdFresenius Kabi\u516c\u53f8\u7684\u4e00\u4e2a\u8f93\u6db2\u7cfb\u7edf\u3002\r\n\r\nFresenius Kabi Agilia Connect Infusion System\u5b58\u5728\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u8be5\u8f6f\u4ef6\u6240\u6709\u5b89\u88c5\u7684\u7279\u6743\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Fresenius Kabi Agilia Connect Infusion System\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Fresenius Kabi Agilia Connect WiFi module \u003c=vD25",
      "Fresenius Kabi Agilia Link+ \u003c=3.0 D15",
      "Fresenius Kabi Vigilant Software Suite 1.0",
      "Fresenius Kabi Agilia Partner maintenance software \u003c=3.3.0"
    ]
  },
  "referenceLink": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01",
  "serverity": "\u4e2d",
  "submitTime": "2021-12-23",
  "title": "Fresenius Kabi Agilia Connect Infusion System\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e"
}

GHSA-JPMR-G8FR-7X23

Vulnerability from github – Published: 2022-01-22 00:00 – Updated: 2022-01-28 00:03

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-44464"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-798"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-21T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.",
  "id": "GHSA-jpmr-g8fr-7x23",
  "modified": "2022-01-28T00:03:14Z",
  "published": "2022-01-22T00:00:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44464"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2021-44464

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-44464

Aliases

CVE-2021-44464

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-44464",
    "description": "Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.",
    "id": "GSD-2021-44464"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-44464"
      ],
      "details": "Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.",
      "id": "GSD-2021-44464",
      "modified": "2023-12-13T01:23:20.882257Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2021-44464",
        "STATE": "PUBLIC",
        "TITLE": "Fresenius Kabi Agilia Connect Infusion System hard coded credentials"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Vigilant Software Suite (Mastermed Dashboard)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "2.0.1.3"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Fresenius Kabi"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Julian Suleder (ERNW Research GmbH), Nils Emmerich (ERNW Research GmbH), Raphael Pavlidis (ERNW Research GmbH), and Dr. Oliver Matula (ERNW Enno Rey Netzwerke GmbH) reported these vulnerabilities to the German Federal Office for Information Security (BSI) in the context of the BSI project ManiMed (Medical Device Manipulation Project)."
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-798 Use of Hard-coded Credentials"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01",
            "refsource": "MISC",
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "Fresenius Kabi has created new versions to address these vulnerabilities:\n\u2022\tLink+ v3.0 (D16 or later)\n\u2022\tVSS v1.0.3 (or later)\n\u2022\tAgilia Connect Pumps Wifi Module (D29 or later)\n\u2022\tAgilia Connect Partner v3.3.2 (or later) \nFresenius Kabi has initiated communication on this topic in April 2021 with customers to inform them about availability of the new versions in corresponding countries. Contact Fresenius Kabi online or by phone at 1-800-333-6925 for more information on updating to the newest version.\nFresenius Kabi also identified that early Link+ devices (approximatively 1200 devices) would need hardware change to support D16 or later firmware. Until those devices can be replaced in customers\u2019 installation, Fresenius Kabi recommends users to rely on CISA recommendation. \n"
        }
      ],
      "source": {
        "advisory": "ICSMA-21-355-01",
        "discovery": "EXTERNAL"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\u2022\tMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.\n\u2022\tLocate control system networks and remote devices behind firewalls and isolate them from the business network.\n\u2022\tWhen remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\n"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:fresenius-kabi:agilia_connect_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "d25",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:fresenius-kabi:agilia_connect:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:fresenius-kabi:agilia_partner_maintenance_software:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:fresenius-kabi:vigilant_centerium:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:fresenius-kabi:vigilant_insight:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:fresenius-kabi:vigilant_mastermed:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:fresenius-kabi:link\\+_agilia_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "3.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:fresenius-kabi:link\\+_agilia_firmware:3.0:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:fresenius-kabi:link\\+_agilia_firmware:3.0:d15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:fresenius-kabi:link\\+_agilia:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2021-44464"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-798"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-01-28T15:40Z",
      "publishedDate": "2022-01-21T19:15Z"
    }
  }
}

FKIE_CVE-2021-44464

Vulnerability from fkie_nvd - Published: 2022-01-21 19:15 - Updated: 2024-11-21 06:31

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	ics-cert@hq.dhs.gov	https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01	Third Party Advisory, US Government Resource
	af854a3a-2127-422b-91ae-364da2661108	https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
fresenius-kabi	agilia_connect_firmware	*
fresenius-kabi	agilia_connect	-
fresenius-kabi	agilia_partner_maintenance_software	*
fresenius-kabi	vigilant_centerium	1.0
fresenius-kabi	vigilant_insight	1.0
fresenius-kabi	vigilant_mastermed	1.0
fresenius-kabi	link\+_agilia_firmware	*
fresenius-kabi	link\+_agilia_firmware	3.0
fresenius-kabi	link\+_agilia_firmware	3.0
fresenius-kabi	link\+_agilia	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fresenius-kabi:agilia_connect_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B4979F9-A7D5-4B5C-8FF2-C3C67773EE03",
              "versionEndIncluding": "d25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:fresenius-kabi:agilia_connect:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1BBB63E-7E43-4BC1-A08F-4F1F811F839B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:fresenius-kabi:agilia_partner_maintenance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B072164-6AA2-4A14-B7D7-10B4B953004D",
              "versionEndIncluding": "3.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fresenius-kabi:vigilant_centerium:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C47210A7-4753-4ED7-8E6B-9BE8EBFABC9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fresenius-kabi:vigilant_insight:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C91B931-F726-4AB2-B3A6-D92F774CF04D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fresenius-kabi:vigilant_mastermed:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AC7167-F5C8-46A2-B937-953E13D76A32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fresenius-kabi:link\\+_agilia_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45FA28DE-939F-4146-A6E2-CE8849C9CB16",
              "versionEndExcluding": "3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fresenius-kabi:link\\+_agilia_firmware:3.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "7D5FC3D0-9593-487B-B70A-F8BBCA8A18FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fresenius-kabi:link\\+_agilia_firmware:3.0:d15:*:*:*:*:*:*",
              "matchCriteriaId": "67E88F2E-C12B-4B50-B087-3247F4748AF3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:fresenius-kabi:link\\+_agilia:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1548AA3F-659F-43C3-9261-C7FD55465877",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software."
    },
    {
      "lang": "es",
      "value": "Vigilant Software Suite (Mastermed Dashboard) versi\u00f3n 2.0.1.3, contiene credenciales de servicio que probablemente sean comunes en todas las instancias. Un atacante en posesi\u00f3n de la contrase\u00f1a puede alcanzar privilegios en todas las instalaciones de este software"
    }
  ],
  "id": "CVE-2021-44464",
  "lastModified": "2024-11-21T06:31:01.760",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.4,
        "source": "ics-cert@hq.dhs.gov",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-01-21T19:15:09.403",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-44464 (GCVE-0-2021-44464)

ICSMA-21-355-01

CNVD-2022-07624

GHSA-JPMR-G8FR-7X23

GSD-2021-44464

FKIE_CVE-2021-44464

Tags

Sightings

Nomenclature