What is the severity of CVE-2014-5432?

CVE-2014-5432 has a high severity due to remote access vulnerabilities that allow unauthorized modifications.

How do I fix CVE-2014-5432?

To fix CVE-2014-5432, ensure that SSH access is disabled or restricted on the Baxter SIGMA Spectrum Infusion System.

What systems are affected by CVE-2014-5432?

CVE-2014-5432 affects Baxter SIGMA Spectrum Infusion System version 6.05 and Wireless Battery Module version 16.

Can CVE-2014-5432 be exploited remotely?

Yes, CVE-2014-5432 can be exploited remotely via Port 22/SSH without authentication, allowing attackers unauthorized access.

What potential impact does CVE-2014-5432 have on healthcare devices?

CVE-2014-5432 can lead to unauthorized configuration changes and command issuance on critical healthcare devices, compromising patient safety.

Vulnerability/
CVE-2014-5432

critical

9.8

CWE

287 592

26/3/2019

6/8/2024

CVE-2014-5432

First published: Tue Mar 26 2019(Updated: )

Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 is remotely accessible via Port 22/SSH without authentication. A remote attacker may be able to make unauthorized configuration changes to the WBM, as well as issue commands to access account credentials and shared keys. Baxter asserts that this vulnerability only allows access to features and functionality on the WBM and that the SIGMA Spectrum infusion pump cannot be controlled from the WBM. Baxter has released a new version of the SIGMA Spectrum Infusion System, Version 8, which incorporates hardware and software changes.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
Baxter Sigma Spectrum Infusion System	=6.05
Baxter Sigma Spectrum Infusion System
Baxter Wireless Battery Module	=16

Never miss a vulnerability like this again

Reference Links

https://ics-cert.us-cert.gov/advisories/ICSA-15-181-01

Frequently Asked Questions

What is the severity of CVE-2014-5432?
CVE-2014-5432 has a high severity due to remote access vulnerabilities that allow unauthorized modifications.
How do I fix CVE-2014-5432?
To fix CVE-2014-5432, ensure that SSH access is disabled or restricted on the Baxter SIGMA Spectrum Infusion System.
What systems are affected by CVE-2014-5432?
CVE-2014-5432 affects Baxter SIGMA Spectrum Infusion System version 6.05 and Wireless Battery Module version 16.
Can CVE-2014-5432 be exploited remotely?
Yes, CVE-2014-5432 can be exploited remotely via Port 22/SSH without authentication, allowing attackers unauthorized access.
What potential impact does CVE-2014-5432 have on healthcare devices?
CVE-2014-5432 can lead to unauthorized configuration changes and command issuance on critical healthcare devices, compromising patient safety.

agent/weakness
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/references
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/baxter
canonical/baxter sigma spectrum infusion system
version/baxter sigma spectrum infusion system/6.05
canonical/baxter sigma spectrum 35700bax2 firmware
canonical/baxter wireless battery module
version/baxter wireless battery module/16

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.