CVE-2022-26393 MEDIUM

CVE-2022-26393: Format String vulnerability

Vendor Baxter
Product Baxter Spectrum Wireless Battery Module (WBM)
Weakness CWE-134
Published September 9, 2022
Last update September 16, 2024

CVSS base score

5.0/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service (DoS) on the WBM.

Key dates

02Disclosure timeline

September 9, 2022 CVE published
September 16, 2024 Record updated