A vulnerability in the configuration import mechanism of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with command line access to the underlying Linux system to escalate privileges to the root user.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsma-20-296-02 | Third Party Advisory US Government Resource |
https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory.html | Broken Link |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Information
Published : 2022-04-14 14:15
Updated : 2022-04-21 13:31
NVD link : CVE-2020-16238
Mitre link : CVE-2020-16238
JSON object : View
CWE
CWE-269
Improper Privilege Management
Products Affected
bbraun
- spacecom
- datamodule_compactplus