Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption (e.g., TLS/SSL) when configured to send treatment data to a PDMS (Patient Data Management System) or an EMR (Electronic Medical Record) system. An attacker could observe sensitive data sent from the device.
Advisories
Source ID Title
EUVD EUVD EUVD-2020-4352 Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption (e.g., TLS/SSL) when configured to send treatment data to a PDMS (Patient Data Management System) or an EMR (Electronic Medical Record) system. An attacker could observe sensitive data sent from the device.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2024-08-04T11:48:57.981Z

Reserved: 2020-04-21T00:00:00

Link: CVE-2020-12036

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-06-29T14:15:11.460

Modified: 2024-11-21T04:59:09.520

Link: CVE-2020-12036

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.