CVE-2022-26393 Vulnerability Details

  /     /     /  

CVE-2022-26393 Metadata Quick Info

CVE Published: 09/09/2022 | CVE Updated: 16/09/2024 | CVE Year: 2022
Source: Baxter | Vendor: Baxter | Product: Baxter Spectrum Wireless Battery Module (WBM)
Status : PUBLISHED

---

CVE-2022-26393 Description

The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service (DoS) on the WBM.

Metrics

CVSS Version: 3.1 | Base Score: 5 MEDIUM
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

l➤ Exploitability Metrics:
    Attack Vector (AV)* NETWORK
    Attack Complexity (AC)* HIGH
    Privileges Required (PR)* LOW
    User Interaction (UI)* NONE
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* LOW
    Integrity Impact (I)* LOW
    Availability Impact (A)* LOW

Weakness Enumeration (CWE)

CWE-ID: CWE-134
CWE Name: CWE-134 Use of Externally-Controlled Format String
Source: Baxter

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).