Vulnerabilities > CVE-2020-12043 - Operation on a Resource after Expiration or Release vulnerability in Baxter Sigma Spectrum Infusion System Firmware 8.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

baxter

CWE-672

NVD

Published: 2020-06-29

Updated: 2020-07-08

Summary

The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when configured for wireless networking the FTP service operating on the WBM remains operational until the WBM is rebooted.

Vulnerable Configurations

Part	Description	Count
OS	Baxter Baxter Sigma Spectrum Infusion System Firmware 8.0	1
Hardware	Baxter Baxter Sigma Spectrum Infusion System - Baxter Wireless Battery Module 17 Baxter Wireless Battery Module 20D29 Baxter Wireless Battery Module 20D30 Baxter Wireless Battery Module 20D31 Baxter Wireless Battery Module 22D24	6

Common Weakness Enumeration (CWE)

CWE-672 - Operation on a Resource after Expiration or Release

References

https://www.us-cert.gov/ics/advisories/icsma-20-170-04