← volver
CVE-2022-22766

BD Pyxis Products - Hardcoded Credentials

CVSS 7 HIGHEPSS 0.2%CWE-798
Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be able to gain access to the underlying file system and could potentially exploit application files for information that could be used to decrypt application credentials or gain access to electronic protected health information (ePHI) or other sensitive information.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Becton Dickinson (BD) · BD Pyxis Anesthesia Station 4000Becton Dickinson (BD) · BD Pyxis Anesthesia Station ESBecton Dickinson (BD) · BD Pyxis CATOBecton Dickinson (BD) · BD Pyxis CIISafeBecton Dickinson (BD) · BD Pyxis Inventory ConnectBecton Dickinson (BD) · BD Pyxis IV PrepBecton Dickinson (BD) · BD Pyxis JITrBUDBecton Dickinson (BD) · BD Pyxis KanBan RFBecton Dickinson (BD) · BD Pyxis LogisticsBecton Dickinson (BD) · BD Pyxis MedBankBecton Dickinson (BD) · BD Pyxis Med Link FamilyBecton Dickinson (BD) · BD Pyxis MedStation 4000Becton Dickinson (BD) · BD Pyxis MedStation ESBecton Dickinson (BD) · BD Pyxis MedStation ES ServerBecton Dickinson (BD) · BD Pyxis ParAssistBecton Dickinson (BD) · BD Pyxis PharmoPackBecton Dickinson (BD) · BD Pyxis ProcedureStation (including EC)Becton Dickinson (BD) · BD Pyxis Rapid RxBecton Dickinson (BD) · BD Pyxis StockStationBecton Dickinson (BD) · BD Pyxis SupplyCenterBecton Dickinson (BD) · BD Pyxis SupplyRollerBecton Dickinson (BD) · BD Pyxis SupplyStation (including RF, EC, CP)Becton Dickinson (BD) · BD Pyxis Track and DeliverBecton Dickinson (BD) · BD Rowa Pouch Packaging Systems

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://cybersecurity.bd.com/bulletins-and-patches/bd-pyxis-products---hardcoded-credentialshttps://www.cisa.gov/uscert/ics/advisories/icsma-22-062-01