CVE-2022-26393

EUVD-2022-30952
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service (DoS) on the WBM.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
BaxterCNA
5 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
Affected Products (NVD)
VendorProductVersion
baxtersigma_spectrum_35700bax_firmware
-
baxtersigma_spectrum_35700bax2_firmware
-
baxterbaxter_spectrum_iq_35700bax3_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx
https://www.cisa.gov/uscert/ics/advisories/icsma-22-251-01
https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx