Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption (e.g., TLS/SSL) when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. An attacker with access to the network could observe sensitive treatment and prescription data sent between the Phoenix system and the Exalis tool.
References
Link | Resource |
---|---|
https://www.us-cert.gov/ics/advisories/icsma-20-170-03 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2020-06-29T13:48:04
Updated: 2020-06-29T13:48:04
Reserved: 2020-04-21T00:00:00
Link: CVE-2020-12048
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-06-29T14:15:11.990
Modified: 2020-07-16T13:12:20.120
Link: CVE-2020-12048
JSON object: View
Redhat Information
No data.
CWE