CVE-2014-5432

Name of the Vulnerable Software and Affected Versions Baxter SIGMA Spectrum Infusion System version 6.05

Description The issue allows remote access via Port 22/SSH without authentication, enabling a remote attacker to make unauthorized configuration changes to the wireless battery module (WBM) and potentially access account credentials and shared keys. It is noted that this vulnerability does not allow control of the SIGMA Spectrum infusion pump from the WBM.

Recommendations For Baxter SIGMA Spectrum Infusion System version 6.05, update to Version 8, which incorporates necessary hardware and software changes to address the issue.