Vulnerabilities > BD > Alaris 8015 PCU Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-13 CVE-2023-30561 Missing Encryption of Sensitive Data vulnerability in BD Alaris 8015 PCU Firmware 9.33.1
The data flowing between the PCU and its modules is insecure.
low complexity
bd CWE-311
6.1
2023-07-13 CVE-2023-30560 Improper Authentication vulnerability in BD Alaris 8015 PCU Firmware 9.33.1
The configuration from the PCU can be modified without authentication using physical connection to the PCU.
low complexity
bd CWE-287
6.8
2023-07-13 CVE-2023-30559 Improper Authentication vulnerability in BD Alaris 8015 PCU Firmware 12.1.3/9.33.1
The firmware update package for the wireless card is not properly signed and can be modified.
low complexity
bd CWE-287
5.7
2020-11-13 CVE-2020-25165 Improper Authentication vulnerability in BD Alaris 8015 PCU Firmware and Alaris Systems Manager
BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD Alaris PC Unit and the BD Alaris Systems Manager.
network
low complexity
bd CWE-287
5.0