Information Disclosure Vulnerability in Hamilton Medical AG T1-Ventilator Versions 2.2.3 and Prior: Obtaining Valid Checksums for Tampered Configuration Files

CVE-2020-27290 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an information disclosure vulnerability in the ventilator allows attackers with physical access to the configuration interface's logs to get valid checksums for tampered configuration files.

Learn more about our Physical Security Assessment.