CVE-2014-5432
published 2019-03-26CVE-2014-5432: Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 is remotely accessible via Port 22/SSH…
PriorityP262critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
2.57%
83.2th percentile
Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 is remotely accessible via Port 22/SSH without authentication. A remote attacker may be able to make unauthorized configuration changes to the WBM, as well as issue commands to access account credentials and shared keys. Baxter asserts that this vulnerability only allows access to features and functionality on the WBM and that the SIGMA Spectrum infusion pump cannot be controlled from the WBM. Baxter has released a new version of the SIGMA Spectrum Infusion System, Version 8, which incorporates hardware and software changes.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| baxter | sigma_spectrum_infusion_system | — | — |
| baxter | sigma_spectrum_infusion_system_firmware | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for unauthenticated SSH connections (no prior auth exchange) inbound to Port 22 on Baxter SIGMA Spectrum WBM devices (model 35700BAX, WBM version 16). ↗
- →Alert on any SSH or FTP traffic directed at medical device VLANs/segments hosting Baxter WBMs, particularly from outside the designated Wi-Fi VLAN. ↗
- →Detect commands issued over SSH to the WBM that attempt to retrieve wireless account credentials or shared keys stored in cleartext. ↗
- →Flag FTP connections to Baxter WBM devices; the WBM has a default account with hard-coded credentials used with FTP that may indicate exploitation or reconnaissance. ↗
- ·Vulnerability is specific to SIGMA Spectrum Infusion System Version 6.05 (model 35700BAX) with WBM Version 16 only; Version 8 removes the SSH service entirely and is not affected by CVE-2014-5432. ↗
- ·Baxter asserts exploitation is limited to WBM features and does not allow control of infusion pump parameters; however, wireless credentials and shared keys are exposed. ↗
- ·No known public exploits exist for this vulnerability; exploitation requires low skill level and network-level access to the WBM. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7gh3-72p7-5h77: Baxter SIGMA Spectrum Infusion System version 6
ghsa_unreviewed·2022-05-13
CVE-2014-5432 [CRITICAL] CWE-287 GHSA-7gh3-72p7-5h77: Baxter SIGMA Spectrum Infusion System version 6
Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 is remotely accessible via Port 22/SSH without authentication. A remote attacker may be able to make unauthorized configuration changes to the WBM, as well as issue commands to access account credentials and shared keys. Baxter asserts that this vulnerability only allows access to features and functionality on the WBM and that the SIGMA Spectrum infusion pump cannot be controlled from the WBM. Baxter has released a new version of the SIGMA Spectrum Infusion System, Version 8, which incorporates hardware and software changes.
CISA ICS
Baxter SIGMA Spectrum Infusion System Vulnerabilities
cisa_ics·2015-09-29
Baxter SIGMA Spectrum Infusion System Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Baxter SIGMA Spectrum Infusion System Vulnerabilities
Last RevisedSeptember 29, 2015
Alert CodeICSA-15-181-01
## OVERVIEW
This advisory was originally posted to the US-CERT secure Portal library on June 30, 2015, and is being released to the NCCIC/ICS-CERT web site.
Researcher Jared Bird with Allina IS Security identified four vulnerabilities in Baxter’s SIGMA Spectrum Infusion System. Baxter has released a new version of the SIGMA Spectrum Infusion System, Version 8 that incorporates hardware and software changes, which do not contain three of the four identified vulnerabiliti
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-03-26
Published