Vulnerability Description
Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration values, network configuration of Sigma Spectrum WBM if installed.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Baxter | Sigma Spectrum Infusion System Firmware | >= 6.0, <= 6.05 |
| Baxter | Sigma Spectrum Infusion System | - |
Related Weaknesses (CWE)
References
- https://www.us-cert.gov/ics/advisories/icsma-20-170-04Third Party AdvisoryUS Government Resource
- https://www.us-cert.gov/ics/advisories/icsma-20-170-04Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2020-12039?
CVE-2020-12039 is a vulnerability with a CVSS score of 2.4 (LOW). Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered o...
How severe is CVE-2020-12039?
CVE-2020-12039 has been rated LOW with a CVSS base score of 2.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-12039?
Check the references section above for vendor advisories and patch information. Affected products include: Baxter Sigma Spectrum Infusion System Firmware, Baxter Sigma Spectrum Infusion System.