CVE-2022-26392 : The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D

The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32) when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information.

Published 2022-09-09 15:15:10

Updated 2022-09-15 16:45:04

Source Baxter

View at NVD, CVE.org

Vulnerability category: Overflow

Products affected by CVE-2022-26392

Baxter » Spectrum Wireless Battery Module Firmware
Versions from including (>=) 20d29 and up to, including, (<=) 20d32
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Baxter » Spectrum Wireless Battery Module » Version: N/A
Baxter » Spectrum Wireless Battery Module Firmware » Version: 16
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16:*:*:*:*:*:*:*
Matching versions
When used together with: Baxter » Spectrum Wireless Battery Module » Version: N/A
Baxter » Spectrum Wireless Battery Module Firmware » Version: 16d38
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16d38:*:*:*:*:*:*:*
Matching versions
When used together with: Baxter » Spectrum Wireless Battery Module » Version: N/A
Baxter » Spectrum Wireless Battery Module Firmware » Version: 17
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17:*:*:*:*:*:*:*
Matching versions
When used together with: Baxter » Spectrum Wireless Battery Module » Version: N/A
Baxter » Spectrum Wireless Battery Module Firmware » Version: 17d19
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17d19:*:*:*:*:*:*:*
Matching versions
When used together with: Baxter » Spectrum Wireless Battery Module » Version: N/A
Baxter » Sigma Spectrum 35700bax Firmware » Version: N/A
cpe:2.3:o:baxter:sigma_spectrum_35700bax_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Baxter » Sigma Spectrum 35700bax » Version: N/A
Baxter » Sigma Spectrum 35700bax2 Firmware » Version: N/A
cpe:2.3:o:baxter:sigma_spectrum_35700bax2_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Baxter » Sigma Spectrum 35700bax2 » Version: N/A
Baxter » Baxter Spectrum Iq 35700bax3 Firmware » Version: N/A
cpe:2.3:o:baxter:baxter_spectrum_iq_35700bax3_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Baxter » Baxter Spectrum Iq 35700bax3 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-26392

EPSS FAQ

0.33%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 55 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-26392

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
3.1	LOW	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N	1.6	1.4	Baxter
Attack Vector: Network Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2022-26392

CWE-134 Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
Assigned by:
- nvd@nist.gov (Primary)
- productsecurity@baxter.com (Secondary)

References for CVE-2022-26392

https://www.cisa.gov/uscert/ics/advisories/icsma-22-251-01

Baxter Sigma Spectrum Infusion Pump | CISA
Third Party Advisory;US Government Resource

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-26392

Products affected by CVE-2022-26392

Exploit prediction scoring system (EPSS) score for CVE-2022-26392

CVSS scores for CVE-2022-26392

CWE ids for CVE-2022-26392

References for CVE-2022-26392