1. Home
  2. CVE Database
  3. CVE-2022-43557
MEDIUM · 5.3

CVE-2022-43557

The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be abl...

Vulnerability Description

The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information (ePHI), protected health information (PHI) or personally identifiable information (PII) is stored in the pump.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
HIGH

Affected Products

VendorProductVersions
BdBodyguard 999-603 Firmware-
BdBodyguard 999-603-
BdBodyguard Duo 999-903 Firmware-
BdBodyguard Duo 999-903-
BdBodyguard Epidural 999-683 Firmware-
BdBodyguard Epidural 999-683-
BdBodyguard Pain Manager 999-803 Firmware-
BdBodyguard Pain Manager 999-803-
BdBodyguard T 999-103 Firmware-
BdBodyguard T 999-103-
BdBodyguard 323 Colorvision Firmware-
BdBodyguard 323 Colorvision-
BdBodyguard 121 Twins Firmware-
BdBodyguard 121 Twins-

Related Weaknesses (CWE)

CWE-287CWE-1299

References

FAQ

What is CVE-2022-43557?

CVE-2022-43557 is a vulnerability with a CVSS score of 5.3 (MEDIUM). The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be abl...

How severe is CVE-2022-43557?

CVE-2022-43557 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-43557?

Check the references section above for vendor advisories and patch information. Affected products include: Bd Bodyguard 999-603 Firmware, Bd Bodyguard 999-603, Bd Bodyguard Duo 999-903 Firmware, Bd Bodyguard Duo 999-903, Bd Bodyguard Epidural 999-683 Firmware.