CVE-2024-1275 CRITICAL

CVE-2024-1275: Vulnerability in Baxter Welch Allyn Connex Spot Monitor

Vendor Baxter
Product Welch Allyn Connex Spot Monitor
Weakness CWE-1394
Published May 31, 2024
Last update August 1, 2024

CVSS base score

9.1/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Use of Default Cryptographic Key vulnerability in Baxter Welch Allyn Connex Spot Monitor may allow Configuration/Environment Manipulation.This issue affects Welch Allyn Connex Spot Monitor in all versions prior to 1.52.

Key dates

02Disclosure timeline

May 31, 2024 CVE published
August 1, 2024 Record updated