CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-33885

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1110%
EPSS Percentile20.84th
Published2021年8月25日
Last Modified2024年11月21日

Vulnerability Description

An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to send the device malicious data that will be used in place of the correct data. This results in full system command access and execution because of the lack of cryptographic signatures on critical data sets.

Affected Platforms (CPE)

💻
Bbraun

Spacecom2

< 012u000062

References & Advisories

🔗 https://www.bbraunusa.com/en.htm
🔗 https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/mcafee-enterprise-atr-uncovers-vulnerabilities-in-globally-used-b-braun-infusion-pump/
🔗 https://www.bbraunusa.com/en.htm
🔗 https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/mcafee-enterprise-atr-uncovers-vulnerabilities-in-globally-used-b-braun-infusion-pump/

相關漏洞威脅

CVE-2021-338868.1

An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker...

CVE-2021-338826.8

A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to...

CVE-2021-338846.5

An Unrestricted Upload of File with Dangerous Type vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows remote attackers...

CVE-2021-338835.9

A Cleartext Transmission of Sensitive Information vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker...