CVE-2024-10476

Name of the Vulnerable Software and Affected Versions BD Diagnostic Solutions products (affected versions not specified) BD Synapsys Informatics Solution versions installed on a NUC server

Description The issue concerns the use of default credentials in BD Diagnostic Solutions products. If exploited, threat actors may access, modify, or delete data, including sensitive information such as protected health information (PHI) and personally identifiable information (PII). Exploitation of this issue may allow an attacker to shut down or otherwise impact the availability of the system.

Recommendations For BD Diagnostic Solutions products, update systems to the latest versions to mitigate risks. For BD Synapsys Informatics Solution installed on a NUC server, update the system to the latest version to mitigate risks. As a temporary workaround, consider changing default credentials to custom, secure credentials until a patch is available. Restrict access to sensitive data and implement additional security measures to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.