FKIE_CVE-2022-26390

Vulnerability from fkie_nvd - Published: 2022-09-09 15:15 - Updated: 2024-11-21 06:53
Severity ?
4.2 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
4.2 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
The Baxter Spectrum Wireless Battery Module (WBM) stores network credentials and PHI (only applicable to Spectrum IQ pumps using auto programming) in unencrypted form. An attacker with physical access to a device that hasn't had all data and settings erased may be able to extract sensitive information.
References
productsecurity@baxter.comhttps://www.us-cert.gov/ics/advisories/icsma-22-xxx-xxThird Party Advisory, US Government Resource
nvd@nist.govhttps://www.cisa.gov/uscert/ics/advisories/icsma-22-251-01Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xxThird Party Advisory, US Government Resource
Impacted products
Vendor Product Version
baxter spectrum_wireless_battery_module_firmware *
baxter spectrum_wireless_battery_module_firmware *
baxter spectrum_wireless_battery_module_firmware 16
baxter spectrum_wireless_battery_module_firmware 16d38
baxter spectrum_wireless_battery_module_firmware 17
baxter spectrum_wireless_battery_module_firmware 17d19
baxter spectrum_wireless_battery_module -
baxter sigma_spectrum_35700bax_firmware -
baxter sigma_spectrum_35700bax -
baxter sigma_spectrum_35700bax2_firmware -
baxter sigma_spectrum_35700bax2 -
baxter baxter_spectrum_iq_35700bax3_firmware -
baxter baxter_spectrum_iq_35700bax3 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34DB00B2-DE3D-4D7B-9F03-35060096C37C",
              "versionEndIncluding": "20d32",
              "versionStartIncluding": "20d29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87121F24-64BD-4D6D-8467-5FBCCE0512C1",
              "versionEndIncluding": "22d28",
              "versionStartIncluding": "22d19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "719496E8-9020-456F-8CCC-FDFE10CF2820",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16d38:*:*:*:*:*:*:*",
              "matchCriteriaId": "03DA9071-305A-4319-9807-1BD6F9EB8FDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C68B374-58AD-4E71-9B83-3CA0241B8A4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17d19:*:*:*:*:*:*:*",
              "matchCriteriaId": "85202DB1-56E1-43C6-81BC-C141862D72C0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:baxter:spectrum_wireless_battery_module:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E8AA9C-1024-482D-8636-551486698A8C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:baxter:sigma_spectrum_35700bax_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1354B2D0-A259-4832-BB3D-BD9C157FB5C0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:baxter:sigma_spectrum_35700bax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EAFF022-6879-4734-9AEB-DE45E6E235DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:baxter:sigma_spectrum_35700bax2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2715381-CA8F-416B-B9AD-9CDBDC181338",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:baxter:sigma_spectrum_35700bax2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "576C9566-DA3F-43E8-B4E8-C5DEF3B06696",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:baxter:baxter_spectrum_iq_35700bax3_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89AFD13D-97D8-40A5-B36B-9B65229302B1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:baxter:baxter_spectrum_iq_35700bax3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71D6364A-9707-4BB0-8808-AF3314026A79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Baxter Spectrum Wireless Battery Module (WBM) stores network credentials and PHI (only applicable to Spectrum IQ pumps using auto programming) in unencrypted form. An attacker with physical access to a device that hasn\u0027t had all data and settings erased may be able to extract sensitive information."
    },
    {
      "lang": "es",
      "value": "El M\u00f3dulo de Bater\u00eda Inal\u00e1mbrica (WBM) de Baxter Spectrum almacena credenciales de red y PHI (s\u00f3lo aplicable a las bombas Spectrum IQ que usan programaci\u00f3n autom\u00e1tica) de forma no cifrada. Un atacante con acceso f\u00edsico a un dispositivo al que no le han sido borrados todos los datos y configuraciones puede ser capaz de extraer informaci\u00f3n confidencial"
    }
  ],
  "id": "CVE-2022-26390",
  "lastModified": "2024-11-21T06:53:53.800",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.5,
        "impactScore": 3.6,
        "source": "productsecurity@baxter.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.5,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-09-09T15:15:09.453",
  "references": [
    {
      "source": "productsecurity@baxter.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-251-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx"
    }
  ],
  "sourceIdentifier": "productsecurity@baxter.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-311"
        }
      ],
      "source": "productsecurity@baxter.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-312"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.