The official site for Saudi CERT
Baxter Updates
2930
Warning Date
Severity Level
Warning Number
Target Sector
25 June, 2020
● High
2020-1404
HealthCare
Description:
Baxter has released a security updates to address vulnerabilities in the following products:
- Sigma Spectrum v6.x model 35700BAX
- Baxter Spectrum v8.x model 35700BAX2
- Sigma Spectrum v6.x with Wireless Battery Modules v9, v11, v13, v14, v15, v16, v20D29, v20D30, v20D31, and v22D24
- Baxter Spectrum v8.x with Wireless Battery Modules v17, v20D29, v20D30, v20D31, and v22D24
- Baxter Spectrum Wireless Battery Modules v17, v20D29, v20D30, v20D31, and v22D24
- Baxter Spectrum LVP v8.x with Wireless Battery Modules v17, v20D29, v20D30, v20D31, and v22D24
- Phoenix Hemodialysis Delivery System SW 3.36 and 3.40
- PrismaFlex all versions
- PrisMax all versions prior to 3.x
- ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14,
- ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5
Threats:
Attacker could exploit the vulnerability by doing the following:
- Sensitive information disclosure
- Escalation of privilege
- Unauthorized modification
Best practice and Recommendations:
The Baxter team encourages users to update the product and apply the following mitigation:
- https://www.baxter.com/sites/g/files/ebysai746/files/2020-06/ICSMA-20-170-04.pdf
- https://www.baxter.com/sites/g/files/ebysai746/files/2020-06/ICSMA-20-170-03.pdf
- https://www.baxter.com/sites/g/files/ebysai746/files/2020-06/ICSMA-20-170-02a.pdf
- https://www.baxter.com/sites/g/files/ebysai746/files/2020-06/ICSMA-20-170-02b.pdf
- https://www.baxter.com/sites/g/files/ebysai746/files/2020-06/ICSMA-20-170-01.pdf
Rate the content
Share the page
