What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2022-22765.

What is the severity of CVE-2022-22765?

The severity of CVE-2022-22765 is rated as high with a CVSS score of 7.8.

What is the affected software in this vulnerability?

The affected software in this vulnerability is BD Viper LT system, versions 2.0 and later.

Are there any patches or bulletins available to address this vulnerability?

Yes, patches and bulletins for addressing this vulnerability can be found at the following references: [Link to BD Viper LT system - Hardcoded Credentials bulletin](https://cybersecurity.bd.com/bulletins-and-patches/bd-viper-lt-system-%E2%80%93-hardcoded-credentials) and [Link to ICSMA-22-062-02 advisory](https://www.cisa.gov/uscert/ics/advisories/icsma-22-062-02).

Vulnerability/
CVE-2022-22765

high

CWE

798

12/2/2022

17/9/2024

CVE-2022-22765: BD Viper LT System - Hardcoded Credentials

Q: What are the potential consequences of exploiting this vulnerability?

If exploited, threat actors may be able to access, modify, or delete sensitive information, including electronic protected health information (ePHI), protected health information (PHI), and personally identifiable information (PII).

First published: Sat Feb 12 2022(Updated: )

BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information (ePHI), protected health information (PHI) and personally identifiable information (PII). BD Viper LT system versions 4.0 and later utilize Microsoft Windows 10 and have additional Operating System hardening configurations which increase the attack complexity required to exploit this vulnerability.

Credit: cybersecurity@bd.com

Affected Software	Affected Version	How to fix
Bd Viper Lt System Firmware	>=2.0<4.80
BD Viper LT system

Remedy

The fix is expected in BD Viper LT system version 4.80 software release.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-22765.
What is the severity of CVE-2022-22765?
The severity of CVE-2022-22765 is rated as high with a CVSS score of 7.8.
What is the affected software in this vulnerability?
The affected software in this vulnerability is BD Viper LT system, versions 2.0 and later.
What are the potential consequences of exploiting this vulnerability?
If exploited, threat actors may be able to access, modify, or delete sensitive information, including electronic protected health information (ePHI), protected health information (PHI), and personally identifiable information (PII).
Are there any patches or bulletins available to address this vulnerability?
Yes, patches and bulletins for addressing this vulnerability can be found at the following references: [Link to BD Viper LT system - Hardcoded Credentials bulletin](https://cybersecurity.bd.com/bulletins-and-patches/bd-viper-lt-system-%E2%80%93-hardcoded-credentials) and [Link to ICSMA-22-062-02 advisory](https://www.cisa.gov/uscert/ics/advisories/icsma-22-062-02).

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/title
agent/weakness
agent/remedy
agent/severity
agent/last-modified-date
agent/tags
agent/author
agent/description
agent/first-publish-date
agent/event
vendor/bd
canonical/bd viper lt system firmware
version/bd viper lt system firmware/2.0
canonical/bd viper lt system

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.