Defibrillator X

CVSS 4.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

local

low complexity

zoll

CWE-255

NVD

Published: 2014-08-12

Updated: 2014-08-14

Summary

ZOLL Defibrillator / Monitor X Series has a default (1) supervisor password and (2) service password, which allows physically proximate attackers to modify device configuration and cause a denial of service (adverse human health effects).

Vulnerable Configurations

Part	Description	Count
Hardware	Zoll Zoll Monitor/Defibrillator X	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://www.zoll.com/WorkArea/DownloadAsset.aspx?id=25506