Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption (e.g., TLS/SSL) when configured to send treatment data to a PDMS (Patient Data Management System) or an EMR (Electronic Medical Record) system. An attacker could observe sensitive data sent from the device.
References
Link | Resource |
---|---|
https://www.us-cert.gov/ics/advisories/icsma-20-170-01 | Not Applicable |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2020-06-29T13:49:53
Updated: 2020-06-29T13:49:53
Reserved: 2020-04-21T00:00:00
Link: CVE-2020-12036
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-06-29T14:15:11.460
Modified: 2020-07-14T15:40:52.793
Link: CVE-2020-12036
JSON object: View
Redhat Information
No data.
CWE