HIGH✓ PATCH🇬🇧 English

CVE-2020-25156

CVSS 7.2v3.1pub. 2022-04-14upd. 2024-11-21

Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers in possession of cryptographic material to access the device as root.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Bbraun Datamodule Compactplus

    OS
    Bbraun
    a10a11
  • Bbraun Spacecom

    OS
    Bbraun
    ≤ l81
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2020-25150HIGH7.6ten sam produkt

A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Da...

CVE-2020-25162HIGH7.5ten sam produkt

A XPath injection vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Dat...

CVE-2020-25158HIGH7.6ten sam produkt

A reflected cross-site scripting (XSS) vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and...

CVE-2020-25166HIGH7.6ten sam produkt

An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG Space...

CVE-2020-25164MEDIUM6.5ten sam produkt

A vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compact...