// For flags

CVE-2022-43557

BD BodyGuard™ Pumps – RS-232 Interface Vulnerability

Severity Score

5.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information (ePHI), protected health information (PHI) or personally identifiable information (PII) is stored in the pump.

Las bombas de infusión BD BodyGuard™ especificadas permiten el acceso a través de la interfaz del puerto RS-232 (serie). Si se explotan, los actores de amenazas con acceso físico, equipo especializado y conocimientos pueden configurar o desactivar la bomba. En la bomba no se almacena información de salud electrónica protegida (ePHI), información de salud protegida (PHI) ni información de identificación personal (PII).

*Credits: N/A
CVSS Scores
Attack Vector
Physical
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-10-20 CVE Reserved
  • 2022-12-05 CVE Published
  • 2024-06-27 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-287: Improper Authentication
  • CWE-1299: Missing Protection Mechanism for Alternate Hardware Interface
CAPEC
  • CAPEC-115: Authentication Bypass
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Bd
Search vendor "Bd"
Bodyguard 999-603 Firmware
Search vendor "Bd" for product "Bodyguard 999-603 Firmware"
--
Affected
in Bd
Search vendor "Bd"
Bodyguard 999-603
Search vendor "Bd" for product "Bodyguard 999-603"
--
Safe
Bd
Search vendor "Bd"
Bodyguard Duo 999-903 Firmware
Search vendor "Bd" for product "Bodyguard Duo 999-903 Firmware"
--
Affected
in Bd
Search vendor "Bd"
Bodyguard Duo 999-903
Search vendor "Bd" for product "Bodyguard Duo 999-903"
--
Safe
Bd
Search vendor "Bd"
Bodyguard Epidural 999-683 Firmware
Search vendor "Bd" for product "Bodyguard Epidural 999-683 Firmware"
--
Affected
in Bd
Search vendor "Bd"
Bodyguard Epidural 999-683
Search vendor "Bd" for product "Bodyguard Epidural 999-683"
--
Safe
Bd
Search vendor "Bd"
Bodyguard Pain Manager 999-803 Firmware
Search vendor "Bd" for product "Bodyguard Pain Manager 999-803 Firmware"
--
Affected
in Bd
Search vendor "Bd"
Bodyguard Pain Manager 999-803
Search vendor "Bd" for product "Bodyguard Pain Manager 999-803"
--
Safe
Bd
Search vendor "Bd"
Bodyguard T 999-103 Firmware
Search vendor "Bd" for product "Bodyguard T 999-103 Firmware"
--
Affected
in Bd
Search vendor "Bd"
Bodyguard T 999-103
Search vendor "Bd" for product "Bodyguard T 999-103"
--
Safe
Bd
Search vendor "Bd"
Bodyguard 323 Colorvision Firmware
Search vendor "Bd" for product "Bodyguard 323 Colorvision Firmware"
--
Affected
in Bd
Search vendor "Bd"
Bodyguard 323 Colorvision
Search vendor "Bd" for product "Bodyguard 323 Colorvision"
--
Safe
Bd
Search vendor "Bd"
Bodyguard 121 Twins Firmware
Search vendor "Bd" for product "Bodyguard 121 Twins Firmware"
--
Affected
in Bd
Search vendor "Bd"
Bodyguard 121 Twins
Search vendor "Bd" for product "Bodyguard 121 Twins"
--
Safe