What is CVE-2024-48967?

CVE-2024-48967 is a critical-severity vulnerability in Baxter Life2000 Ventilation System, classified under CWE-778. CVSS score: 10.0/10. Published 2024-11-14.

How severe is CVE-2024-48967?

Critical severity. CVSS v3 base score is 10.0 out of 10.

Vulnerability in Baxter Life2000 Ventilation System

CVE-2024-48967

The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detection of malicious activity and subsequent forensic examination. An attacker with access to the ventilator and/or the Service PC could, without d…

EPSS: 0.003 (51.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.

Affected products

Baxter Life2000 Ventilation System — versions 06.08.00.00 and prior

Weakness classification (CWE)

CWE-778

References

www.cisa.gov/news-events/ics-medical-advisories/icsma-24-319-01

Frequently asked questions

What is CVE-2024-48967?: CVE-2024-48967 is a critical-severity vulnerability in Baxter Life2000 Ventilation System, classified under CWE-778. CVSS score: 10.0/10. Published 2024-11-14.
How severe is CVE-2024-48967?: Critical severity. CVSS v3 base score is 10.0 out of 10.