Vulnerability Details CVE-2018-18561
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenticated attackers in the adjacent network to execute arbitrary commands on the operating system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.5%
CVSS Severity
CVSS v3 Score 8.0
CVSS v2 Score 7.7
References
Products affected by CVE-2018-18561
-
cpe:2.3:h:roche:accu-chek_inform_ii:-
-
cpe:2.3:h:roche:base_unit_hub:-
-
cpe:2.3:h:roche:coaguchek:-
-
cpe:2.3:h:roche:cobas_h_232:-
-
cpe:2.3:o:roche:accu-chek_inform_ii_firmware:*
-
cpe:2.3:o:roche:base_unit_hub_firmware:*
-
cpe:2.3:o:roche:coaguchek_firmware:*
-
cpe:2.3:o:roche:cobas_h_232_firmware:03.01.03