Successful exploitation of these vulnerabilities could result in access to sensitive data and alteration of system configuration.
- CVE-2022-26390 - CWE-311 - MISSING ENCRYPTION OF SENSITIVE DATA
The Baxter Spectrum WBM (v16, v16D38, v17, v17D19, v20D29 to v20D32, and v22D19 to v22D28) stores network credentials and patient health information (PHI) in unencrypted form. PHI is only stored in Spectrum IQ pumps using auto programming. An attacker with physical access to a device without all data and settings erased may be able to extract sensitive information. A CVSS v3 base score of 4.2 has been calculated.
- CVE-2022-26392 - CWE-134 - USE OF EXTERNALLY CONTROLLED FORMAT STRING
The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32), when in superuser mode, are susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information. A CVSS v3 base score of 3.1 has been calculated.
- CVE-2022-26393 - CWE-134 - USE OF EXTERNALLY CONTROLLED FORMAT STRING
The Baxter Spectrum WBM (v20D29) is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a denial-of-service condition on the WBM. A CVSS v3 base score of 5.0 has been calculated.
- CVE-2022-26394 - CWE-306 - MISSING AUTHENTICATION FOR CRITICAL FUNCTION
The Baxter Spectrum WBM (v16, v16D38, v17, v17D19, v20D29 to v20D32) does not perform mutual authentication with the gateway server host. This could allow an attacker to perform a machine-in-the-middle attack that modifies parameters, making the network connection fail. A CVSS v3 base score of 5.5 has been calculated.