CVE-2022-22767
Published: Jun 1, 2022
Modified: Sep 16, 2024
CVSS v3.1
8.8
Description
Specific BD Pyxis™ products were installed with default credentials and may presently still operate with these credentials. There may be scenarios where BD Pyxis™ products are installed with the same default local operating system credentials or domain-joined server(s) credentials that may be shared across product types. If exploited, threat actors may be able to gain privileged access to the underlying file system and could potentially exploit or gain access to ePHI or other sensitive information.
| Vendor | Product | Versions |
|---|---|---|
Becton Dickinson (BD) | BD Pyxis™ Anesthesia ES Station | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ CIISafe | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ Logistics | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ MedBank | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ MedStation™ 4000 | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ MedStation™ ES | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ MedStation™ ES Server | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ ParAssist | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ Rapid Rx | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ StockStation | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ SupplyCenter | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ SupplyRoller | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ SupplyStation™ | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ SupplyStation™ EC | affected All versions |
Becton Dickinson (BD) | BD Pyxis™ SupplyStation™ RF auxiliary | affected All versions |
Becton Dickinson (BD) | BD Rowa™ Pouch Packaging Systems | affected All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now