CVE-2021-27408

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The affected product is vulnerable to an out-of-bounds read, which can cause information leakage leading to arbitrary code execution if chained to the out-of-bounds write vulnerability on the Welch Allyn medical device management tools (Welch Allyn Service Tool: versions prior to v1.10, Welch Allyn Connex Device Integration Suite – Network Connectivity Engine (NCE): versions prior to v5.3, Welch Allyn Software Development Kit (SDK): versions prior to v3.2, Welch Allyn Connex Central Station (CS): versions prior to v1.8.6, Welch Allyn Service Monitor: versions prior to v1.7.0.0, Welch Allyn Connex Vital Signs Monitor (CVSM): versions prior to v2.43.02, Welch Allyn Connex Integrated Wall System (CIWS): versions prior to v2.43.02, Welch Allyn Connex Spot Monitor (CSM): versions prior to v1.52, Welch Allyn Spot Vital Signs 4400 Device (Spot 4400) / Welch Allyn Spot 4400 Vital Signs Extended Care Device: versions prior to v1.11.00).

El producto afectado es vulnerable a una lectura fuera de límites, lo que puede causar un filtrado de información que conlleve una ejecución de código arbitrario si se encadena con la vulnerabilidad de escritura fuera de límites de Welch Allyn medical device management tools (Welch Allyn Service Tool: versiones anteriores a v1.10, Welch Allyn Connex Device Integration Suite - Network Connectivity Engine (NCE): versiones anteriores a v5.3, Welch Allyn Software Development Kit (SDK): versiones anteriores a v3. 2, Welch Allyn Connex Central Station (CS): versiones anteriores a v1.8.6, Welch Allyn Service Monitor: versiones anteriores a v1.7.0.0, Welch Allyn Connex Vital Signs Monitor (CVSM): versiones anteriores a v2.43.02, Welch Allyn Connex Integrated Wall System (CIWS): versiones anteriores a v2. 43.02, Welch Allyn Connex Spot Monitor (CSM): versiones anteriores a v1.52, Welch Allyn Spot Vital Signs 4400 Device (Spot 4400) / Welch Allyn Spot 4400 Vital Signs Extended Care Device: versiones anteriores a v1.11.00)

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-02-19 CVE Reserved
2021-06-11 CVE Published
2024-02-25 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-125: Out-of-bounds Read

CAPEC

References (1)

URL	Tag	Source
https://us-cert.cisa.gov/ics/advisories/icsma-21-152-01	Mitigation

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Hillrom Search vendor "Hillrom"		Connex Central Station Search vendor "Hillrom" for product "Connex Central Station"				< 1.8.6 Search vendor "Hillrom" for product "Connex Central Station" and version " < 1.8.6"		-		Affected
Hillrom Search vendor "Hillrom"		Connex Device Integration Suite Network Connectivity Engine Search vendor "Hillrom" for product "Connex Device Integration Suite Network Connectivity Engine"				< 5.3 Search vendor "Hillrom" for product "Connex Device Integration Suite Network Connectivity Engine" and version " < 5.3"		-		Affected
Hillrom Search vendor "Hillrom"		Connex Integrated Wall System Search vendor "Hillrom" for product "Connex Integrated Wall System"				< 2.43.02 Search vendor "Hillrom" for product "Connex Integrated Wall System" and version " < 2.43.02"		-		Affected
Hillrom Search vendor "Hillrom"		Connex Spot Monitor Search vendor "Hillrom" for product "Connex Spot Monitor"				< 1.52 Search vendor "Hillrom" for product "Connex Spot Monitor" and version " < 1.52"		-		Affected
Hillrom Search vendor "Hillrom"		Connex Vital Signs Monitor Search vendor "Hillrom" for product "Connex Vital Signs Monitor"				< 2.43.02 Search vendor "Hillrom" for product "Connex Vital Signs Monitor" and version " < 2.43.02"		-		Affected
Hillrom Search vendor "Hillrom"		Service Monitor Search vendor "Hillrom" for product "Service Monitor"				< 1.7.0.0 Search vendor "Hillrom" for product "Service Monitor" and version " < 1.7.0.0"		-		Affected
Hillrom Search vendor "Hillrom"		Service Tool Search vendor "Hillrom" for product "Service Tool"				< 1.10 Search vendor "Hillrom" for product "Service Tool" and version " < 1.10"		-		Affected
Hillrom Search vendor "Hillrom"		Software Development Kit Search vendor "Hillrom" for product "Software Development Kit"				< 3.2 Search vendor "Hillrom" for product "Software Development Kit" and version " < 3.2"		-		Affected
Hillrom Search vendor "Hillrom"		Spot Vital Signs 4400 Search vendor "Hillrom" for product "Spot Vital Signs 4400"				< 1.11.00 Search vendor "Hillrom" for product "Spot Vital Signs 4400" and version " < 1.11.00"		-		Affected
Hillrom Search vendor "Hillrom"		Spot Vital Signs 4400 Search vendor "Hillrom" for product "Spot Vital Signs 4400"				< 1.11.00 Search vendor "Hillrom" for product "Spot Vital Signs 4400" and version " < 1.11.00"		extended_care		Affected