Vulnerabilities > CVE-2020-10598 - Unspecified vulnerability in BD products

CVSS 3.6 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

NVD

Published: 2020-04-01

Updated: 2021-09-14

Summary

In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data.

Vulnerable Configurations

Part	Description	Count
OS	Bd BD Pyxis Medstation ES Firmware 1.6.1 BD Pyxis Anesthesia Station ES Firmware 1.6.1	2
Hardware	Bd BD Pyxis Medstation ES - BD Pyxis Anesthesia Station ES -	2

References

https://www.us-cert.gov/ics/advisories/icsma-20-091-01