Vulnerability in Baxter Sigma Spectrum Infusion System

CVE-2014-5434

Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 has a default account with hard-coded credentials used with the FTP protocol. Baxter asserts no files can be transferred to o…

EPSS: 0.002 (48.4th percentile) — read the EPSS interpretation.

Affected products

Baxter Sigma Spectrum Infusion System — versions 6.05 (model 35700BAX) with wireless battery module (WBM) version 16

Weakness classification (CWE)

CWE-259 — Use of Hard-coded Password

References

ics-cert.us-cert.gov/advisories/ICSA-15-181-01 (x_refsource_MISC)