Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption (e.g., TLS/SSL) when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. An attacker with access to the network could observe sensitive treatment and prescription data sent between the Phoenix system and the Exalis tool.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.us-cert.gov/ics/advisories/icsma-20-170-03 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2020-06-29T13:48:04
Updated: 2024-08-04T11:48:57.931Z
Reserved: 2020-04-21T00:00:00
Link: CVE-2020-12048
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-06-29T14:15:11.990
Modified: 2024-11-21T04:59:10.710
Link: CVE-2020-12048
Redhat
No data.