Vulnerability Description
BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD Alaris PC Unit and the BD Alaris Systems Manager. If exploited, an attacker could perform a denial-of-service attack on the BD Alaris PC Unit by modifying the configuration headers of data in transit. A denial-of-service attack could lead to a drop in the wireless capability of the BD Alaris PC Unit, resulting in manual operation of the PC Unit.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bd | Alaris 8015 Pcu Firmware | <= 9.33.1 |
| Bd | Alaris 8015 Pcu | - |
| Bd | Alaris Systems Manager | <= 4.33 |
Related Weaknesses (CWE)
References
- https://us-cert.cisa.gov/ics/advisories/icsma-20-317-01Third Party AdvisoryUS Government Resource
- https://us-cert.cisa.gov/ics/advisories/icsma-20-317-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2020-25165?
CVE-2020-25165 is a vulnerability with a CVSS score of 7.5 (HIGH). BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerabili...
How severe is CVE-2020-25165?
CVE-2020-25165 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-25165?
Check the references section above for vendor advisories and patch information. Affected products include: Bd Alaris 8015 Pcu Firmware, Bd Alaris 8015 Pcu, Bd Alaris Systems Manager.