CVE-2020-25165

Name of the Vulnerable Software and Affected Versions BD Alaris PC Unit, Model 8015, versions 9.33.1 and earlier BD Alaris Systems Manager, versions 4.33 and earlier

Description The affected products are vulnerable to a network session authentication issue within the authentication process. If exploited, an attacker could perform a denial-of-service attack by modifying the configuration headers of data in transit. This could lead to a drop in the wireless capability, resulting in manual operation.

Recommendations For BD Alaris PC Unit, Model 8015, versions 9.33.1 and earlier: update to a version later than 9.33.1 to resolve the issue. For BD Alaris Systems Manager, versions 4.33 and earlier: update to a version later than 4.33 to resolve the issue. As a temporary workaround, consider restricting access to the authentication process between the BD Alaris PC Unit and the BD Alaris Systems Manager to minimize the risk of exploitation.