CISA Issues Advisory on Vulnerabilities in Baxter Infusion Pumps

The U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory warning users on the potential vulnerabilities surrounding Baxter’s Sigma and Baxter Spectrum Infusion Pumps.

Specifically, these vulnerabilities include missing encryption of sensitive data, use of externally controlled format string and missing authentication for critical function.

Successful exploitation of these vulnerabilities could result in access to sensitive data and alteration of system configuration, CISA said.

No known public exploits specifically target these vulnerabilities so far, the agency said.