Vulnerabilities > BD > Pyxis Anesthesia Station ES Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-06-02 CVE-2022-22767 Insufficiently Protected Credentials vulnerability in BD products
Specific BD Pyxis™ products were installed with default credentials and may presently still operate with these credentials.
low complexity
bd CWE-522
8.8
2022-02-11 CVE-2022-22766 Use of Hard-coded Credentials vulnerability in BD products
Hardcoded credentials are used in specific BD Pyxis products.
local
low complexity
bd CWE-798
5.5
2020-04-01 CVE-2020-10598 Unspecified vulnerability in BD products
In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices.
low complexity
bd
6.1