CVE-2020-12041 - OpenCVE

The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to network settings are removed upon reboot.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Baxter	Sigma Spectrum Infusion System Firmware Wireless Battery Module Sigma Spectrum Infusion System

Configuration 1 [-]

AND

cpe:2.3:o:baxter:sigma_spectrum_infusion_system_firmware:8.0:*:*:*:*:*:*:*

OR	cpe:2.3:h:baxter:sigma_spectrum_infusion_system:-:::::::*
	cpe:2.3:h:baxter:wireless_battery_module:17:::::::*
	cpe:2.3:h:baxter:wireless_battery_module:20d29:::::::*
	cpe:2.3:h:baxter:wireless_battery_module:20d30:::::::*
	cpe:2.3:h:baxter:wireless_battery_module:20d31:::::::*
	cpe:2.3:h:baxter:wireless_battery_module:22d24:::::::*

References

Link	Resource
https://www.us-cert.gov/ics/advisories/icsma-20-170-04	Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2020-06-29T13:43:52

Updated: 2020-06-29T13:43:52

Reserved: 2020-04-21T00:00:00

Link: CVE-2020-12041

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-06-29T14:15:11.757

Modified: 2020-07-08T15:22:44.550

Link: CVE-2020-12041

JSON object: View

Redhat Information

No data.

CWE

CWE-732

{"containers": {"cna": {"affected": [{"product": "Baxter Sigma Spectrum Infusion Pumps", "vendor": "n/a", "versions": [{"status": "affected", "version": "Sigma Spectrum v6.x model 35700BAX, Baxter Spectrum v8.x model 35700BAX2,Sigma Spectrum v6.x with Wireless Battery Module v9,11,13,14,15,16,v20D29,v20D30,v20D31,v22D24, Baxter Spectrum v8.x with Wireless Battery Module v17,v20D29,v20D30,v20D31,v22D24,Baxter Spectrum Wireless Battery Module v17,v20D29,v20D30,v20D31,v22D24,Baxter Spectrum LVP v8.x w/Wireless Battery Module v17,v20D29,v20D30,v20D31,v22D24"}]}], "descriptions": [{"lang": "en", "value": "The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to network settings are removed upon reboot."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-06-29T13:43:52", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-04"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2020-12041", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Baxter Sigma Spectrum Infusion Pumps", "version": {"version_data": [{"version_value": "Sigma Spectrum v6.x model 35700BAX, Baxter Spectrum v8.x model 35700BAX2,Sigma Spectrum v6.x with Wireless Battery Module v9,11,13,14,15,16,v20D29,v20D30,v20D31,v22D24, Baxter Spectrum v8.x with Wireless Battery Module v17,v20D29,v20D30,v20D31,v22D24,Baxter Spectrum Wireless Battery Module v17,v20D29,v20D30,v20D31,v22D24,Baxter Spectrum LVP v8.x w/Wireless Battery Module v17,v20D29,v20D30,v20D31,v22D24"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to network settings are removed upon reboot."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732"}]}]}, "references": {"reference_data": [{"name": "https://www.us-cert.gov/ics/advisories/icsma-20-170-04", "refsource": "MISC", "url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-04"}]}}}}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2020-12041", "datePublished": "2020-06-29T13:43:52", "dateReserved": "2020-04-21T00:00:00", "dateUpdated": "2020-06-29T13:43:52", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:baxter:sigma_spectrum_infusion_system_firmware:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "72D0F7CB-3D24-4A8D-826D-ACB20ACBEB1C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:baxter:sigma_spectrum_infusion_system:-:*:*:*:*:*:*:*", "matchCriteriaId": "49E25260-EC14-4E98-A86B-CBBE47E26AE5", "vulnerable": false}, {"criteria": "cpe:2.3:h:baxter:wireless_battery_module:17:*:*:*:*:*:*:*", "matchCriteriaId": "7DD7F5A5-FDC7-4976-910E-C1AFD2D61BA3", "vulnerable": false}, {"criteria": "cpe:2.3:h:baxter:wireless_battery_module:20d29:*:*:*:*:*:*:*", "matchCriteriaId": "30CE6E9A-4921-46B4-946D-A84A92F99855", "vulnerable": false}, {"criteria": "cpe:2.3:h:baxter:wireless_battery_module:20d30:*:*:*:*:*:*:*", "matchCriteriaId": "CB987049-C099-482C-83FB-ECBF43C71DE5", "vulnerable": false}, {"criteria": "cpe:2.3:h:baxter:wireless_battery_module:20d31:*:*:*:*:*:*:*", "matchCriteriaId": "89077083-BD72-499F-8628-F34052747F01", "vulnerable": false}, {"criteria": "cpe:2.3:h:baxter:wireless_battery_module:22d24:*:*:*:*:*:*:*", "matchCriteriaId": "FE329FD7-E3C9-4908-8273-231BF132915D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to network settings are removed upon reboot."}, {"lang": "es", "value": "La Interfaz de L\u00ednea de Comandos telnet de Baxter Spectrum WBM (versiones v17, v20D29, v20D30, v20D31 y v22D24), otorga acceso a datos confidenciales almacenados en el WBM que permite cambios de configuraci\u00f3n temporales en ajustes de red del WBM y permite que el WBM sea reiniciado. Los cambios de configuraci\u00f3n temporales de la red son eliminados al reiniciar"}], "id": "CVE-2020-12041", "lastModified": "2020-07-08T15:22:44.550", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.4, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-29T14:15:11.757", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-04"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-732"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}