CyberSec.Space Logo
CVEブラウザに戻る

CVE-2021-33886

HIGH
8.1
CVSS Severity Score
EPSS Score0.1810%
EPSS Percentile42.91th
Published2021年8月25日
Last Modified2024年11月21日

Vulnerability Description

An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to gain user-level command-line access by passing a raw external string straight through to printf statements. The attacker is required to be on the same network as the device.

Affected Platforms (CPE)

💻
Bbraun

Spacecom2

< 012u000062

References & Advisories

🔗 https://www.bbraunusa.com/en.htm
🔗 https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/mcafee-enterprise-atr-uncovers-vulnerabilities-in-globally-used-b-braun-infusion-pump/
🔗 https://www.bbraunusa.com/en.htm
🔗 https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/mcafee-enterprise-atr-uncovers-vulnerabilities-in-globally-used-b-braun-infusion-pump/

関連する脆弱性情報

CVE-2021-3388510.0

An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthen...

CVE-2021-338826.8

A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to...

CVE-2021-338846.5

An Unrestricted Upload of File with Dangerous Type vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows remote attackers...

CVE-2021-338835.9

A Cleartext Transmission of Sensitive Information vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker...