CVE-2022-43557: BD BodyGuard™ Pumps – RS-232 Interface Vulnerability
First published: Mon Dec 05 2022(Updated: )
The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information (ePHI), protected health information (PHI) or personally identifiable information (PII) is stored in the pump.
Credit: cybersecurity@bd.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Bd Bodyguard 999-603 | ||
| Bd Bodyguard 999-603 Firmware | ||
| All of | ||
| Bd Bodyguard Duo 999-903 | ||
| Bd Bodyguard Duo 999-903 Firmware | ||
| All of | ||
| Bd Bodyguard Epidural 999-683 | ||
| Bd Bodyguard Epidural 999-683 Firmware | ||
| All of | ||
| Bd Bodyguard Pain Manager 999-803 | ||
| Bd Bodyguard Pain Manager 999-803 Firmware | ||
| All of | ||
| Bd Bodyguard T 999-103 | ||
| Bd Bodyguard T 999-103 Firmware | ||
| All of | ||
| Bd Bodyguard 323 Colorvision | ||
| Bd Bodyguard 323 Colorvision Firmware | ||
| All of | ||
| Bd Bodyguard 121 Twins | ||
| Bd Bodyguard 121 Twins Firmware | ||
| Bd Bodyguard 999-603 | ||
| Bd Bodyguard 999-603 Firmware | ||
| Bd Bodyguard Duo 999-903 | ||
| Bd Bodyguard Duo 999-903 Firmware | ||
| Bd Bodyguard Epidural 999-683 | ||
| Bd Bodyguard Epidural 999-683 Firmware | ||
| Bd Bodyguard Pain Manager 999-803 | ||
| Bd Bodyguard Pain Manager 999-803 Firmware | ||
| Bd Bodyguard T 999-103 | ||
| Bd Bodyguard T 999-103 Firmware | ||
| Bd Bodyguard 323 Colorvision | ||
| Bd Bodyguard 323 Colorvision Firmware | ||
| Bd Bodyguard 121 Twins | ||
| Bd Bodyguard 121 Twins Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-43557?
CVE-2022-43557 is a vulnerability that allows threat actors with physical access and specialized equipment to configure or disable the BD BodyGuard™ infusion pumps through the RS-232 interface.
How does CVE-2022-43557 affect the BD BodyGuard™ infusion pumps?
CVE-2022-43557 affects the BD BodyGuard™ infusion pumps by allowing unauthorized configuration or disabling of the pumps through the RS-232 interface.
What is the severity of CVE-2022-43557?
CVE-2022-43557 has a severity rating of 5.3 (Medium).
What is the affected software of CVE-2022-43557?
The affected software of CVE-2022-43557 includes the BD BodyGuard™ infusion pumps with specific firmware versions.
How can I mitigate CVE-2022-43557?
To mitigate CVE-2022-43557, follow the recommendations provided by the vendor and refer to the provided reference link for more information.
- agent/author
- agent/weakness
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/title
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/bd
- canonical/bd bodyguard 999-603
- canonical/bd bodyguard 999-603 firmware
- canonical/bd bodyguard duo 999-903
- canonical/bd bodyguard duo 999-903 firmware
- canonical/bd bodyguard epidural 999-683
- canonical/bd bodyguard epidural 999-683 firmware
- canonical/bd bodyguard pain manager 999-803
- canonical/bd bodyguard pain manager 999-803 firmware
- canonical/bd bodyguard t 999-103
- canonical/bd bodyguard t 999-103 firmware
- canonical/bd bodyguard 323 colorvision
- canonical/bd bodyguard 323 colorvision firmware
- canonical/bd bodyguard 121 twins
- canonical/bd bodyguard 121 twins firmware