Risk Scores
CVSS v3.1
8.100000381469727
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ExactaMix EM1200: Versions 1.1 1.2 1.4 1.5 | ||
| ExactaMix EM2400: Versions 1.10 1.11 1.13 1.14 |
Timeline
- May 19, 2017 PoC Published
- Jun 18, 2020 CVE Published
- Jun 23, 2020 CVE Updated
- Feb 21, 2025 PoC Published
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsma-20-170-01.json advisory
- https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-170-01 advisory
- https://www.fda.gov/medical-devices/digital-health/cybersecurity url
- https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B url
- https://www.baxter.com/product-security#additionalresources fix