← Back

CVE-2022-26393

nvd nist
Published: Sep 9, 2022Modified: Nov 21, 2024

JSON object

Loading...
8.1
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Exploitability: 2.8 / Impact: 5.2
Source: NVD

Description

The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service (DoS) on the WBM.

Affected (4)

Baxter
4 products
Spectrum Wireless Battery Module Firmware
Sigma Spectrum 35700bax Firmware
Sigma Spectrum 35700bax2 Firmware
Baxter Spectrum Iq 35700bax3 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Spectrum Wireless Battery Module Firmware
Version 20d29
Running on/withPlatform Versions
Baxter
Spectrum Wireless Battery Module
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sigma Spectrum 35700bax Firmware
All versions
Running on/withPlatform Versions
Baxter
Sigma Spectrum 35700bax
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sigma Spectrum 35700bax2 Firmware
All versions
Running on/withPlatform Versions
Baxter
Sigma Spectrum 35700bax2
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Baxter Spectrum Iq 35700bax3 Firmware
All versions
Running on/withPlatform Versions
Baxter
Baxter Spectrum Iq 35700bax3
All versions

Related CWEs

CWE-134
Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

References (3)

Source: productsecurity@baxter.com
Broken Link
Source: nvd@nist.gov
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.