Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2022-26392
Analyzed
More InfoOfficial Page
Source-productsecurity@baxter.com
View Known Exploited Vulnerability (KEV) details
Published At-09 Sep, 2022 | 15:15
Updated At-15 Sep, 2022 | 16:45

The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32) when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Secondary3.13.1LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 3.1
Base severity: LOW
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
CPE Matches
Baxter International, Inc.
baxter
>>spectrum_wireless_battery_module>>-
cpe:2.3:h:baxter:spectrum_wireless_battery_module:-:*:*:*:*:*:*:*
Baxter International, Inc.
baxter
>>spectrum_wireless_battery_module_firmware>>Versions from 20d29(inclusive) to 20d32(inclusive)
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:*:*:*:*:*:*:*:*
Baxter International, Inc.
baxter
>>spectrum_wireless_battery_module_firmware>>16
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16:*:*:*:*:*:*:*
Baxter International, Inc.
baxter
>>spectrum_wireless_battery_module_firmware>>16d38
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16d38:*:*:*:*:*:*:*
Baxter International, Inc.
baxter
>>spectrum_wireless_battery_module_firmware>>17
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17:*:*:*:*:*:*:*
Baxter International, Inc.
baxter
>>spectrum_wireless_battery_module_firmware>>17d19
cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17d19:*:*:*:*:*:*:*
Baxter International, Inc.
baxter
>>sigma_spectrum_35700bax>>-
cpe:2.3:h:baxter:sigma_spectrum_35700bax:-:*:*:*:*:*:*:*
Baxter International, Inc.
baxter
>>sigma_spectrum_35700bax_firmware>>-
cpe:2.3:o:baxter:sigma_spectrum_35700bax_firmware:-:*:*:*:*:*:*:*
Baxter International, Inc.
baxter
>>sigma_spectrum_35700bax2>>-
cpe:2.3:h:baxter:sigma_spectrum_35700bax2:-:*:*:*:*:*:*:*
Baxter International, Inc.
baxter
>>sigma_spectrum_35700bax2_firmware>>-
cpe:2.3:o:baxter:sigma_spectrum_35700bax2_firmware:-:*:*:*:*:*:*:*
Baxter International, Inc.
baxter
>>baxter_spectrum_iq_35700bax3>>-
cpe:2.3:h:baxter:baxter_spectrum_iq_35700bax3:-:*:*:*:*:*:*:*
Baxter International, Inc.
baxter
>>baxter_spectrum_iq_35700bax3_firmware>>-
cpe:2.3:o:baxter:baxter_spectrum_iq_35700bax3_firmware:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-134Primarynvd@nist.gov
CWE-134Secondaryproductsecurity@baxter.com
CWE ID: CWE-134
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-134
Type: Secondary
Source: productsecurity@baxter.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.cisa.gov/uscert/ics/advisories/icsma-22-251-01nvd@nist.gov
Third Party Advisory
US Government Resource
https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xxproductsecurity@baxter.com
Broken Link
Hyperlink: https://www.cisa.gov/uscert/ics/advisories/icsma-22-251-01
Source: nvd@nist.gov
Resource:
Third Party Advisory
US Government Resource
Hyperlink: https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx
Source: productsecurity@baxter.com
Resource:
Broken Link
Change History
0Changes found
Details not found