PT-2018-14515 · Roche · Accu-Chek Inform Ii Base Unit+2

Publicado

2018-11-20

Atualizado

2020-08-24

CVE-2018-18561

CVSS v3.1

8.0

Alta

Vetor

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Roche Accu-Chek Inform II Base Unit / Base Unit Hub versions prior to 03.01.04 Roche CoaguChek / cobas h232 Handheld Base Unit versions prior to 03.01.04

Description The issue is related to insecure permissions in a service interface, which may allow authenticated attackers in the adjacent network to execute arbitrary commands on the operating system.

Recommendations For Roche Accu-Chek Inform II Base Unit / Base Unit Hub versions prior to 03.01.04, update to version 03.01.04 or later. For Roche CoaguChek / cobas h232 Handheld Base Unit versions prior to 03.01.04, update to version 03.01.04 or later.

Correção

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732

Identificadores relacionados

CVE-2018-18561

Produtos afetados

Accu-Chek Inform Ii Base Unit

Coaguchek

Cobas H232 Handheld Base Unit

PT-2018-14515 · Roche · Accu-Chek Inform Ii Base Unit+2

CVE-2018-18561

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4