CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-25166

An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to generate valid firmware updates with arbitrary content that can be used to tamper with devices.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.7%

CVSS Severity

CVSS v3 Score 7.6

CVSS v2 Score 7.5

References

https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory.html
https://www.cisa.gov/uscert/ics/advisories/icsma-20-296-02
https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory.html
https://www.cisa.gov/uscert/ics/advisories/icsma-20-296-02

Products affected by CVE-2020-25166

Bbraun » Datamodule Compactplus » Version: N/A

cpe:2.3:h:bbraun:datamodule_compactplus:-
Bbraun » Spacecom » Version: N/A

cpe:2.3:h:bbraun:spacecom:-
Bbraun » Datamodule Compactplus » Version: a10

cpe:2.3:o:bbraun:datamodule_compactplus:a10
Bbraun » Datamodule Compactplus » Version: a11

cpe:2.3:o:bbraun:datamodule_compactplus:a11
Bbraun » Spacecom » Version: Any

cpe:2.3:o:bbraun:spacecom:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-25166

Products

Pricing

Contact Us