Vulnerability Details CVE-2020-25165
BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD Alaris PC Unit and the BD Alaris Systems Manager. If exploited, an attacker could perform a denial-of-service attack on the BD Alaris PC Unit by modifying the configuration headers of data in transit. A denial-of-service attack could lead to a drop in the wireless capability of the BD Alaris PC Unit, resulting in manual operation of the PC Unit.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-25165
-
cpe:2.3:a:bd:alaris_systems_manager:-
-
cpe:2.3:a:bd:alaris_systems_manager:4.33
-
cpe:2.3:h:bd:alaris_8015_pcu:-
-
cpe:2.3:o:bd:alaris_8015_pcu_firmware:-
-
cpe:2.3:o:bd:alaris_8015_pcu_firmware:9.33.1