Описание
The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32) when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information.
Ссылки
- Broken Link
- Third Party AdvisoryUS Government Resource
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия от 20d29 (включая) до 20d32 (включая)
Одновременно
Одно из
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16:*:*:*:*:*:*:*
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16d38:*:*:*:*:*:*:*
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17:*:*:*:*:*:*:*
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17d19:*:*:*:*:*:*:*
cpe:2.3:h:baxter:spectrum_wireless_battery_module:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:baxter:sigma_spectrum_35700bax_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:baxter:sigma_spectrum_35700bax:-:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
cpe:2.3:o:baxter:sigma_spectrum_35700bax2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:baxter:sigma_spectrum_35700bax2:-:*:*:*:*:*:*:*
Конфигурация 4
Одновременно
cpe:2.3:o:baxter:baxter_spectrum_iq_35700bax3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:baxter:baxter_spectrum_iq_35700bax3:-:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.0025
Низкий
3.1 Low
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-134
CWE-134
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32) when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information.
EPSS
Процентиль: 48%
0.0025
Низкий
3.1 Low
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-134
CWE-134