XML Validation Vulnerability in Hamilton Medical AG T1-Ventillator Versions 2.2.3 and Prior: Device Rendered Persistently Unusable by Privileged Attackers

XML Validation Vulnerability in Hamilton Medical AG T1-Ventillator Versions 2.2.3 and Prior: Device Rendered Persistently Unusable by Privileged Attackers

CVE-2020-27282 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an XML validation vulnerability in the ventilator allows privileged attackers with physical access to render the device persistently unusable by uploading specially crafted configuration files.

Learn more about our Physical Security Assessment.