CVE-2020-25166

B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus

CVSS 7.6 HIGH | EPSS 0.4% | CWE-347
In short

B. Braun medical devices don't properly verify that firmware updates are legitimate, allowing attackers to create fake updates that can alter how the devices work.

Technical detail

CWE-347 (Improper Verification of Cryptographic Signature): the firmware-update path of B. Braun SpaceCom (version L81/U61 and earlier) and Data module compactplus (versions A10 and A11) does not correctly verify the cryptographic signature on update images. An attacker can therefore produce an update with arbitrary content that the device accepts as genuine, and use it to alter the device's behaviour. The CVSS vector rates the attack as network-reachable (AV:N) with low complexity (AC:L) and low privileges required (PR:L): the attacker needs a position from which to deliver the update to the device, and no user interaction. Successful exploitation has a high integrity impact (the firmware itself is replaced) with low confidentiality and availability impact. To check exposure, compare the running SpaceCom and compactplus versions against those ranges; the page does not list a fixed version.

Summary generated and translated by AI from the official description.
An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to generate valid firmware updates with arbitrary content that can be used to tamper with devices.
CVSS v3.1 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
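The following is an added example, not code from this page or from B. Braun, showing one concrete way a firmware-update check ends up in CWE-347: the signature is cryptographically checked, but against a public key that the update container itself carries, so an attacker who signs an image with their own key pair gets an update with arbitrary content that "verifies". The hardened variant checks against a key pinned in the device at manufacture. The container layout, the fixed key seeds, the function names and the sample payloads are all constructed for the example; the page does not describe B. Braun's actual format or the precise root cause.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
)

// Constructed update container for this example (not B. Braun's format):
//   [0:4]     magic "FWUP"
//   [4:8]     big-endian uint32 payload length N
//   [8:8+N]   firmware payload
//   next 32 B Ed25519 public key of whoever produced the signature
//   next 64 B Ed25519 signature over the payload
const (
	magic     = "FWUP"
	headerLen = 8
)

var (
	ErrFormat    = errors.New("malformed update container")
	ErrSignature = errors.New("firmware signature does not verify")
)

type Update struct {
	Payload []byte
	Signer  ed25519.PublicKey // key carried inside the container
	Sig     []byte
}

// Fixed, constructed seeds so the example is deterministic. A real vendor
// signing key is never in source code; it lives in an HSM or equivalent.
func VendorKey() ed25519.PrivateKey {
	return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x11}, ed25519.SeedSize))
}
func AttackerKey() ed25519.PrivateKey {
	return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x22}, ed25519.SeedSize))
}

// VendorPublicKey is what the device should have pinned at manufacture.
func VendorPublicKey() ed25519.PublicKey {
	return VendorKey().Public().(ed25519.PublicKey)
}

// BuildUpdate signs payload with priv and embeds the matching public key.
// An attacker can call this with their own key just as easily as the vendor.
func BuildUpdate(priv ed25519.PrivateKey, payload []byte) []byte {
	var n [4]byte
	binary.BigEndian.PutUint32(n[:], uint32(len(payload)))
	buf := make([]byte, 0, headerLen+len(payload)+ed25519.PublicKeySize+ed25519.SignatureSize)
	buf = append(buf, magic...)
	buf = append(buf, n[:]...)
	buf = append(buf, payload...)
	buf = append(buf, priv.Public().(ed25519.PublicKey)...)
	buf = append(buf, ed25519.Sign(priv, payload)...)
	return buf
}

// Decode performs structural checks only; it says nothing about authenticity.
func Decode(b []byte) (Update, error) {
	if len(b) < headerLen || string(b[:4]) != magic {
		return Update{}, ErrFormat
	}
	n := binary.BigEndian.Uint32(b[4:8])
	want := uint64(headerLen) + uint64(n) + ed25519.PublicKeySize + ed25519.SignatureSize
	if uint64(len(b)) != want {
		return Update{}, ErrFormat
	}
	payloadEnd := headerLen + int(n)
	keyEnd := payloadEnd + ed25519.PublicKeySize
	return Update{
		Payload: b[headerLen:payloadEnd],
		Signer:  ed25519.PublicKey(b[payloadEnd:keyEnd]),
		Sig:     b[keyEnd:],
	}, nil
}

// VerifyWeak is the CWE-347 pattern: the signature is checked, but against
// the key the update itself carries, so it only proves that *someone* signed
// the payload, not that the vendor did.
func VerifyWeak(b []byte) ([]byte, error) {
	u, err := Decode(b)
	if err != nil {
		return nil, err
	}
	if !ed25519.Verify(u.Signer, u.Payload, u.Sig) {
		return nil, ErrSignature
	}
	return u.Payload, nil
}

// VerifyPinned ignores the container-borne key and verifies against the key
// pinned in the device's trust store. In a sound design the embedded key
// field would not exist at all, or would only be an ID selecting a pinned key.
func VerifyPinned(b []byte, pinned ed25519.PublicKey) ([]byte, error) {
	u, err := Decode(b)
	if err != nil {
		return nil, err
	}
	if !ed25519.Verify(pinned, u.Payload, u.Sig) {
		return nil, ErrSignature
	}
	return u.Payload, nil
}

func main() {
	good := BuildUpdate(VendorKey(), []byte("pump-firmware 1.2.3 (constructed)"))
	evil := BuildUpdate(AttackerKey(), []byte("attacker-controlled firmware (constructed)"))
	pinned := VendorPublicKey()
	for _, c := range []struct {
		name string
		img  []byte
	}{{"vendor-signed", good}, {"attacker-signed", evil}} {
		_, weakErr := VerifyWeak(c.img)
		_, pinErr := VerifyPinned(c.img, pinned)
		fmt.Printf("%-16s weak check accepts: %-5v pinned check accepts: %v\n",
			c.name, weakErr == nil, pinErr == nil)
	}
}
```

Running it shows the vendor image accepted by both verifiers and the attacker image accepted only by the weak one. The point for a reviewer of any firmware loader is that "a signature was verified" is meaningless unless the verifying key is fixed by the device, the signature covers the entire image that will be executed, and the length and framing checks happen before any cryptographic call.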
