CVE-2020-12041
Severity Score
9.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to network settings are removed upon reboot.
La Interfaz de Línea de Comandos telnet de Baxter Spectrum WBM (versiones v17, v20D29, v20D30, v20D31 y v22D24), otorga acceso a datos confidenciales almacenados en el WBM que permite cambios de configuración temporales en ajustes de red del WBM y permite que el WBM sea reiniciado. Los cambios de configuración temporales de la red son eliminados al reiniciar
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-04-21 CVE Reserved
- 2020-06-29 CVE Published
- 2023-03-15 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-732: Incorrect Permission Assignment for Critical Resource
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://www.us-cert.gov/ics/advisories/icsma-20-170-04 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Baxter Search vendor "Baxter" | Sigma Spectrum Infusion System Firmware Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" | 8.0 Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" and version "8.0" | - |
Affected
| in | Baxter Search vendor "Baxter" | Sigma Spectrum Infusion System Search vendor "Baxter" for product "Sigma Spectrum Infusion System" | - | - |
Safe
|
| Baxter Search vendor "Baxter" | Sigma Spectrum Infusion System Firmware Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" | 8.0 Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" and version "8.0" | - |
Affected
| in | Baxter Search vendor "Baxter" | Wireless Battery Module Search vendor "Baxter" for product "Wireless Battery Module" | 17 Search vendor "Baxter" for product "Wireless Battery Module" and version "17" | - |
Safe
|
| Baxter Search vendor "Baxter" | Sigma Spectrum Infusion System Firmware Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" | 8.0 Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" and version "8.0" | - |
Affected
| in | Baxter Search vendor "Baxter" | Wireless Battery Module Search vendor "Baxter" for product "Wireless Battery Module" | 20d29 Search vendor "Baxter" for product "Wireless Battery Module" and version "20d29" | - |
Safe
|
| Baxter Search vendor "Baxter" | Sigma Spectrum Infusion System Firmware Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" | 8.0 Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" and version "8.0" | - |
Affected
| in | Baxter Search vendor "Baxter" | Wireless Battery Module Search vendor "Baxter" for product "Wireless Battery Module" | 20d30 Search vendor "Baxter" for product "Wireless Battery Module" and version "20d30" | - |
Safe
|
| Baxter Search vendor "Baxter" | Sigma Spectrum Infusion System Firmware Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" | 8.0 Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" and version "8.0" | - |
Affected
| in | Baxter Search vendor "Baxter" | Wireless Battery Module Search vendor "Baxter" for product "Wireless Battery Module" | 20d31 Search vendor "Baxter" for product "Wireless Battery Module" and version "20d31" | - |
Safe
|
| Baxter Search vendor "Baxter" | Sigma Spectrum Infusion System Firmware Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" | 8.0 Search vendor "Baxter" for product "Sigma Spectrum Infusion System Firmware" and version "8.0" | - |
Affected
| in | Baxter Search vendor "Baxter" | Wireless Battery Module Search vendor "Baxter" for product "Wireless Battery Module" | 22d24 Search vendor "Baxter" for product "Wireless Battery Module" and version "22d24" | - |
Safe
|