CyberSec.Space Logo
Back to CVE Browser

CVE-2021-33886

HIGH
8.1
CVSS Severity Score
EPSS Score0.1810%
EPSS Percentile42.91th
PublishedAug 25, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to gain user-level command-line access by passing a raw external string straight through to printf statements. The attacker is required to be on the same network as the device.

Affected Platforms (CPE)

πŸ’»
Bbraun

Spacecom2

< 012u000062

References & Advisories

πŸ”— https://www.bbraunusa.com/en.htm
πŸ”— https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/mcafee-enterprise-atr-uncovers-vulnerabilities-in-globally-used-b-braun-infusion-pump/
πŸ”— https://www.bbraunusa.com/en.htm
πŸ”— https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/mcafee-enterprise-atr-uncovers-vulnerabilities-in-globally-used-b-braun-infusion-pump/

Related Vulnerabilities

CVE-2021-3388510.0

An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthen...

CVE-2021-338826.8

A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to...

CVE-2021-338846.5

An Unrestricted Upload of File with Dangerous Type vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows remote attackers...

CVE-2021-338835.9

A Cleartext Transmission of Sensitive Information vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker...