Описание
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenticated attackers in the adjacent network to execute arbitrary commands on the operating system.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 03.01.04 (исключая)
Одновременно
cpe:2.3:o:roche:accu-chek_inform_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:roche:accu-chek_inform_ii:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 03.01.04 (исключая)
Одновременно
cpe:2.3:o:roche:cobas_h_232_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:roche:cobas_h_232:-:*:*:*:*:*:*:*
Конфигурация 3Версия до 03.01.04 (исключая)
Одновременно
cpe:2.3:o:roche:coaguchek_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:roche:coaguchek:-:*:*:*:*:*:*:*
Конфигурация 4Версия до 03.01.04 (исключая)
Одновременно
cpe:2.3:o:roche:base_unit_hub_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:roche:base_unit_hub:-:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00262
Низкий
8 High
CVSS3
7.7 High
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 8
github
больше 3 лет назад
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenticated attackers in the adjacent network to execute arbitrary commands on the operating system.
EPSS
Процентиль: 49%
0.00262
Низкий
8 High
CVSS3
7.7 High
CVSS2
Дефекты
CWE-732