PT-2022-8701 · B. Braun Melsungen Ag · Data Module Compactplus+1

Published

2022-04-14

Updated

2022-04-21

CVE-2020-25156

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions B. Braun Melsungen AG SpaceCom version L8/U61 Data module compactplus versions A10 and A11 and earlier

Description The issue allows attackers with cryptographic material to access the device as root due to active debug code.

Recommendations For B. Braun Melsungen AG SpaceCom version L8/U61, remove or disable the active debug code to prevent unauthorized access. For Data module compactplus versions A10 and A11 and earlier, remove or disable the active debug code to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-489

Related Identifiers

CVE-2020-25156

Affected Products

B. Braun Melsungen Ag Spacecom

Data Module Compactplus

PT-2022-8701 · B. Braun Melsungen Ag · Data Module Compactplus+1

CVE-2020-25156

Weakness Enumeration

Related Identifiers

Affected Products

References · 4