PT-2018-14518 · Roche · Cobas H 232+2
Published
2018-11-20
·
Updated
2020-08-24
·
CVE-2018-18564
CVSS v3.1
7.4
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Roche Accu-Chek Inform II Instrument versions prior to 03.06.00 (Serial number below 14000)
Roche Accu-Chek Inform II Instrument versions 04.x prior to 04.03.00 (Serial Number above 14000)
CoaguChek Pro II versions prior to 04.03.00
cobas h 232 versions prior to 04.00.04 (Serial number above KQ0400000 or KS0400000)
Description
An issue allows attackers in the adjacent network to change the instrument configuration due to improper access control.
Recommendations
For Roche Accu-Chek Inform II Instrument versions prior to 03.06.00, update to version 03.06.00 or later.
For Roche Accu-Chek Inform II Instrument versions 04.x prior to 04.03.00, update to version 04.03.00 or later.
For CoaguChek Pro II versions prior to 04.03.00, update to version 04.03.00 or later.
For cobas h 232 versions prior to 04.00.04, update to version 04.00.04 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Coaguchek Pro Ii
Roche Accu-Chek Inform Ii Instrument
Cobas H 232