CVE-2021-33843 MEDIUM

CVE-2021-33843: Fresenius Kabi Agilia Connect Infusion System files or directories accessible to external parties

Vendor Fresenius Kabi

Product Agilia Connect WiFi

Weakness CWE-552 · Files accessible externally

Published January 21, 2022

Last update April 16, 2025

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values such as network settings.

Key dates

02Disclosure timeline

January 21, 2022 CVE published

April 16, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-33843

Related vulnerabilities

Identifiers

CVE CVE-2021-33843

CWE CWE-552

CVSS 5.3 / MEDIUM

Affected versions