Draeger X-Dock Firmware before 03.00.13 has Active Debug Code on a debug port, leading to remote code execution by an authenticated attacker.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HDraeger X Dock 5300
HWDraegerwszystkie wersjeDraeger X Dock 6300
HWDraegerwszystkie wersjeDraeger X Dock 6600
HWDraegerwszystkie wersjeDraeger X Dock Firmware
OSDraeger< 03.00.13
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
RCE
Powiązane podatności
CVE-2021-28111HIGH8.8ten sam produkt
Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code execution by an aut...
CVE-2019-25716HIGH7.1ten sam vendor
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that all...
CVE-2019-25718HIGH8.6ten sam vendor
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out...
CVE-2018-19012HIGH7.8ten sam vendor
Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity ...
CVE-2019-25717MEDIUM5.3ten sam vendor
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability th...