Unencrypted Storage of Network Credentials and PHI in Baxter Spectrum Wireless Battery Module
CVE-2022-26390 · MEDIUM Severity
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
The Baxter Spectrum Wireless Battery Module (WBM) stores network credentials and PHI (only applicable to Spectrum IQ pumps using auto programming) in unencrypted form. An attacker with physical access to a device that hasn't had all data and settings erased may be able to extract sensitive information.
Learn more about our Network Penetration Testing.