B. Braun Battery Pack SP with Wi-Fi

Risk Summary

Successful exploitation of this vulnerability could allow a sophisticated and authenticated attacker to compromise the security of the Space communication device Battery Pack SP with Wi-Fi. An attacker could escalate privileges, view sensitive information, upload arbitrary files, and perform remote code execution.

CVEs (1)

Remediations

• B. Braun has released software updates to mitigate the reported vulnerabilities:
• Facilities in Canada utilizing “U” versions of software should follow the U.S. version.
• Facilities in Canada utilizing non-“U” versions (e.g. L) should follow the global version.
• For Battery pack SP with Wi-Fi using software 053L000093 (global) / 054U000093 (U.S.):
• The infusion pumps are not directly affected. However, the interrupted network communication might prevent certain features of the device from functioning properly. Specifically, an impacted device may be unable to receive infusion orders from EMR/PDMS systems, receive a drug library update, or communicate with DoseTrac.
• For more information, see the B. Braun Vulnerability Advisory.

Affected Vendors

Affected Products (1)

Affected Sectors

Healthcare, Public Health