← Back

Roche

roche

5 CVEs • 14 products

Products (14)

Click to collapse
Toggle
Accu Chek Inform Ii Firmware
accu-chek_inform_ii_firmware
5 CVEs
Cobas H 232 Firmware
cobas_h_232_firmware
5 CVEs
Coaguchek Pro Ii Firmware
coaguchek_pro_ii_firmware
3 CVEs
Coaguchek Firmware
coaguchek_firmware
2 CVEs
Base Unit Hub Firmware
base_unit_hub_firmware
2 CVEs
Coaguchek Xs Plus Firmware
coaguchek_xs_plus_firmware
2 CVEs
Coaguchek Xs Pro Firmware
coaguchek_xs_pro_firmware
2 CVEs
Accu Chek Inform Ii
accu-chek_inform_ii
0 CVEs
Cobas H 232
cobas_h_232
0 CVEs
Coaguchek
coaguchek
0 CVEs
Base Unit Hub
base_unit_hub
0 CVEs
Coaguchek Pro Ii
coaguchek_pro_ii
0 CVEs
Coaguchek Xs Plus
coaguchek_xs_plus
0 CVEs
Coaguchek Xs Pro
coaguchek_xs_pro
0 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-18565
1Roche
5Accu Chek Inform Ii Firmware
Coaguchek Pro Ii FirmwareCoaguchek Xs Plus Firmware+2 more
Nov 21, 2024
Nov 20, 2018
N/A· v4
6.8 MEDIUM· v3
4.1 MEDIUM· v2
An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before...Show more
An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232 before 03.01.03 (Serial number below KQ0400000 or KS0400000), and cobas h 232 before 04.00.04 (Serial number above KQ0400000 or KS0400000). A vulnerability in the software update mechanism allows authenticated attackers in the adjacent network to overwrite arbitrary files on the system through a crafted update package.Show less
CVE-2018-18564
1Roche
3Accu Chek Inform Ii Firmware
Coaguchek Pro Ii FirmwareCobas H 232 Firmware
Nov 21, 2024
Nov 20, 2018
N/A· v4
7.4 HIGH· v3
3.3 LOW· v2
An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, and cobas h 232 before 0...Show more
An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, and cobas h 232 before 04.00.04 (Serial number above KQ0400000 or KS0400000). Improper access control allows attackers in the adjacent network to change the instrument configuration.Show less
CVE-2018-18563
1Roche
5Accu Chek Inform Ii Firmware
Coaguchek Pro Ii FirmwareCoaguchek Xs Plus Firmware+2 more
Nov 21, 2024
Nov 20, 2018
N/A· v4
9.6 CRITICAL· v3
8.3 HIGH· v2
An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before...Show more
An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232 before 03.01.03 (Serial Number below KQ0400000 or KS0400000) and cobas h 232 before 04.00.04 (Serial Number above KQ0400000 or KS0400000). Improper access control to a service command allows attackers in the adjacent network to execute arbitrary code on the system through a crafted Poct1-A message.Show less
CVE-2018-18562
1Roche
4Accu Chek Inform Ii Firmware
Base Unit Hub FirmwareCoaguchek Firmware+1 more
Nov 21, 2024
Nov 20, 2018
N/A· v4
8.8 HIGH· v3
3.3 LOW· v2
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Weak access credentials may enable attackers in the adjacent n...Show more
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Weak access credentials may enable attackers in the adjacent network to gain unauthorized service access via a service interface.Show less
CVE-2018-18561
1Roche
4Accu Chek Inform Ii Firmware
Base Unit Hub FirmwareCoaguchek Firmware+1 more
Nov 21, 2024
Nov 20, 2018
N/A· v4
8.0 HIGH· v3
7.7 HIGH· v2
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenti...Show more
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenticated attackers in the adjacent network to execute arbitrary commands on the operating system.Show less