CVE-2020-12048
Published: Jun 29, 2020
Modified: Aug 4, 2024
Description
Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption (e.g., TLS/SSL) when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. An attacker with access to the network could observe sensitive treatment and prescription data sent between the Phoenix system and the Exalis tool.
| Vendor | Product | Versions |
|---|---|---|
n/a | Baxter Phoenix Hemodialysis Delivery System | affected Phoenix Hemodialysis Delivery System SW 3.36 and 3.40 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now