Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-43557


The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information (ePHI), protected health information (PHI) or personally identifiable information (PII) is stored in the pump.


Published

2022-12-05T22:15:11.157

Last Modified

2024-11-21T07:26:47.053

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-1299
  • Type: Primary
    CWE-287

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System bd bodyguard_999-603_firmware - Yes
Hardware bd bodyguard_999-603 - No
Operating System bd bodyguard_duo_999-903_firmware - Yes
Hardware bd bodyguard_duo_999-903 - No
Operating System bd bodyguard_epidural_999-683_firmware - Yes
Hardware bd bodyguard_epidural_999-683 - No
Operating System bd bodyguard_pain_manager_999-803_firmware - Yes
Hardware bd bodyguard_pain_manager_999-803 - No
Operating System bd bodyguard_t_999-103_firmware - Yes
Hardware bd bodyguard_t_999-103 - No
Operating System bd bodyguard_323_colorvision_firmware - Yes
Hardware bd bodyguard_323_colorvision - No
Operating System bd bodyguard_121_twins_firmware - Yes
Hardware bd bodyguard_121_twins - No

References