baxter CVE Vulnerabilities & CVE List (27)

Products (CPE): — CVEs: 27

baxter vulnerability overview

Aggregates CVE and security vulnerability intelligence across all baxter-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Common weakness patterns include vendor risk buffer overflow and vendor risk sql injection, with potential vendor impact application crash and vendor impact memory corruption across vendor surface production workloads use cases.

Vulnerability distribution trend (last 24 months)

Showing 2127 of 27 CVEs
«« First « Prev Page 2 / 2 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2020-12016 Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 have hard-coded administrative account credentials for the ExactaMix operating system. Successful exploitation of this vulnerability may allow an attacker who has gained unauthorized access to system resources, including access to execute software or [email protected] 9.8 1.86% 2020-06-29 2026-06-16
CVE-2020-12012 Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13, and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 have hard-coded administrative account credentials for the ExactaMix application. Successful exploitation of this vulnerability may allow an attacker with physical access to gain unauthorized access to view/update system configuration or data. This could [email protected] 6.1 0.34% 2020-06-29 2026-06-16
CVE-2020-12008 Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems use cleartext messages to communicate order information with an order entry system. This could allow an attacker with network access to view sensitive data including PHI. [email protected] 7.5 0.95% 2020-06-29 2026-06-16
CVE-2014-5433 An unauthenticated remote attacker may be able to execute commands to view wireless account credentials that are stored in cleartext on Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16, which may allow an attacker to gain access the host network. Baxter has released a new version of the SIGMA Spectrum Infusion System, Version 8, which incorporates hardware and software changes. [email protected] 9.8 2.06% 2019-03-26 2026-06-16
CVE-2014-5432 Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 is remotely accessible via Port 22/SSH without authentication. A remote attacker may be able to make unauthorized configuration changes to the WBM, as well as issue commands to access account credentials and shared keys. Baxter asserts that this vulnerability only allows access to features and functionality on the WBM and that the SIGMA Spectrum infusion pump cannot be controlled fro [email protected] 9.8 2.57% 2019-03-26 2026-06-16
CVE-2014-5431 Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 contains a hard-coded password, which provides access to basic biomedical information, limited device settings, and network configuration of the WBM, if connected. The hard-coded password may allow an attacker with physical access to the device to access management functions to make unauthorized configuration changes to biomedical settings such as turn on and off wireless connections [email protected] 6.8 0.38% 2019-03-26 2026-06-16
CVE-2014-5434 Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 has a default account with hard-coded credentials used with the FTP protocol. Baxter asserts no files can be transferred to or from the WBM using this account. Baxter has released a new version of the SIGMA Spectrum Infusion System, Version 8, which incorporates hardware and software changes. [email protected] 9.8 1.56% 2019-03-26 2026-06-16
«« First « Prev Page 2 / 2 Next »
cvelogic Threat Intelligence