Firmware Signature Verification Vulnerability in B. Braun Melsungen AG SpaceCom and Data module compactplus

Firmware Signature Verification Vulnerability in B. Braun Melsungen AG SpaceCom and Data module compactplus

CVE-2020-25166 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to generate valid firmware updates with arbitrary content that can be used to tamper with devices.

Learn more about our Web Application Penetration Testing UK.