CVE-2024-9834

Improper data protection on Life2000 ventilator serial interface

Description

Improper data protection on the ventilator's serial interface could allow an attacker to send and receive messages that result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance.

INFO

Published Date :

2024-11-14T20:57:22.734Z

Last Modified :

2024-11-15T15:10:40.157Z

Source :

Baxter

AFFECTED PRODUCTS

The following products are affected by CVE-2024-9834 vulnerability.

Vendors	Products
Baxter	Life2000 Ventilator Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-9834.

URL	Resource
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-319-01

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact