← Back to home
ICSMA-23-047-01  ·  Published 2023-02-27  ·  View on CISA ICS-CERT ↗

BD Alaris Infusion Central

CVSS 7.3 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to obtain the database installation password and gain access to the Alaris Infusion Central database, resulting in disclosure of resident personal data.

CVEs (1)

Remediations

  • BD is directly reaching out to the small group of customers who may be impacted by this vulnerability to initiate remediation.
  • Change passwords periodically per best security practice.
  • Ensure physical access controls are in place; only authorized administrators should have access to the Alaris Infusion Central server.
  • For additional information, refer to BD's security bulletin.

Affected Vendors

Becton, Dickinson and Company (BD)

Affected Products (1)

Becton, Dickinson and Company (BD) · Alaris Infusion Central software >= 1.1 | <= 1.3.2

Affected Sectors

Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more