Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Baxter — Vulnerabilities & Security Advisories 20

Browse all 20 CVE security advisories affecting Baxter. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Baxter International operates as a global medical technology company, primarily manufacturing infusion pumps, anesthesia delivery systems, and patient monitoring devices for clinical environments. Security audits have identified twenty Common Vulnerabilities and Exposures (CVEs) associated with its product ecosystem, predominantly affecting networked infusion pumps and hospital information systems. The most prevalent vulnerability classes include remote code execution (RCE) and cross-site scripting (XSS), often stemming from inadequate input validation in web-based administrative interfaces. Additionally, several instances of privilege escalation have been documented, allowing unauthorized users to gain administrative control over device configurations. Notable incidents involve the exploitation of unpatched firmware in older pump models, which enabled attackers to manipulate drug delivery rates or disable safety alarms. These flaws highlight significant risks to patient safety and data integrity, underscoring the critical need for rigorous security patching and network segmentation in healthcare infrastructure.

Top products by Baxter: Life2000 Ventilation System SIGMA Spectrum Infusion System Baxter Spectrum Wireless Battery Module (WBM) Connex Health Portal Welch Allyn Connex Spot Monitor Welch Allyn Configuration Tool
CVE IDTitleCVSSSeverityPublished
CVE-2024-48967 Life2000 ventilator and Service PC lack sufficient audit logging capabilities — Life2000 Ventilation SystemCWE-778 10.0 Critical2024-11-14
CVE-2024-48966 Life2000 service tools for test and calibration do not support user authentication — Life2000 Ventilation SystemCWE-306 10.0 Critical2024-11-14
CVE-2024-48970 Life2000 Ventilator microcontroller lacks memory protection — Life2000 Ventilation SystemCWE-1191 9.3 Critical2024-11-14
CVE-2024-48974 Life2000 Ventilator does not perform proper file integrity checks when adopting firmware updates — Life2000 Ventilation SystemCWE-494 9.3 Critical2024-11-14
CVE-2024-48973 Debug port on Life2000 Ventilator serial interface is enabled by default — Life2000 Ventilation SystemCWE-1263 9.3 Critical2024-11-14
CVE-2024-48971 Clinician Password and Serial Number Clinician Password are hard-coded in Life2000 Ventilator — Life2000 Ventilation SystemCWE-798 9.3 Critical2024-11-14
CVE-2024-9832 No limit on failed login attempts with Clinician Password or Serial Number Clinician Password on Life2000 Ventilator — Life2000 Ventilation SystemCWE-307 9.3 Critical2024-11-14
CVE-2024-9834 Improper data protection on Life2000 ventilator serial interface — Life2000 Ventilation SystemCWE-319 9.3 Critical2024-11-14
CVE-2024-6796 Vulnerability in Baxter Connex Health Portal — Connex Health PortalCWE-284 8.2 High2024-09-09
CVE-2024-6795 Vulnerability in Baxter Connex Health Portal — Connex Health PortalCWE-89 10.0 Critical2024-09-09
CVE-2024-5176 Vulnerability in Welch Allyn Configuration Tool Software — Welch Allyn Configuration ToolCWE-522 8.8 -2024-05-31
CVE-2024-1275 Vulnerability in Baxter Welch Allyn Connex Spot Monitor — Welch Allyn Connex Spot MonitorCWE-1394 9.8 -2024-05-31
CVE-2022-26393 Format String vulnerability — Baxter Spectrum Wireless Battery Module (WBM)CWE-134 5.0 Medium2022-09-09
CVE-2022-26394 Unauthenticated network reconfiguration via TCP/UDP — Baxter Spectrum Wireless Battery Module (WBM)CWE-306 5.5 Medium2022-09-09
CVE-2022-26392 Format String vulnerability — Baxter Spectrum Wireless Battery Module (WBM)CWE-134 3.1 Low2022-09-09
CVE-2022-26390 Unencrypted internal storage of security credentials — Baxter Spectrum Wireless Battery Module (WBM)CWE-311 4.2 Medium2022-09-09
CVE-2014-5431 Baxter SIGMA Spectrum Infusion System 安全漏洞 — SIGMA Spectrum Infusion SystemCWE-259 6.8 -2019-03-26
CVE-2014-5432 Baxter Wireless Battery Module 安全漏洞 — SIGMA Spectrum Infusion SystemCWE-592 9.8 -2019-03-26
CVE-2014-5433 Baxter Wireless Battery Module 安全漏洞 — SIGMA Spectrum Infusion SystemCWE-312 9.8 -2019-03-26
CVE-2014-5434 Baxter Wireless Battery Module 安全漏洞 — SIGMA Spectrum Infusion SystemCWE-259 9.8 -2019-03-26

This page lists every published CVE security advisory associated with Baxter. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.