PT-2019-7130 · Baxter · Baxter Sigma Spectrum Infusion System

Published

2019-03-26

Updated

2019-10-09

CVE-2014-5434

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Baxter SIGMA Spectrum Infusion System version 6.05

Description The issue concerns a default account with hard-coded credentials used in conjunction with the FTP protocol. It is specified that no files can be transferred to or from the wireless battery module using this account.

Recommendations For Baxter SIGMA Spectrum Infusion System version 6.05, update to version 8, which incorporates necessary hardware and software changes to address the issue.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798CWE-259

Related Identifiers

CVE-2014-5434

Affected Products

Baxter Sigma Spectrum Infusion System

PT-2019-7130 · Baxter · Baxter Sigma Spectrum Infusion System

CVE-2014-5434

Weakness Enumeration

Related Identifiers

Affected Products

References · 2