CVE-2020-25165

CWE-287: IMPROPER AUTHENTICATION
The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD Alaris PC Unit and the BD Alaris Systems Manager. If exploited, an attacker could perform a denial-of-service attack on the BD Alaris PC Unit by modifying the configuration headers of data in transit. A denial-of-service attack could lead to a drop in the wireless capability of the BD Alaris PC Unit, resulting in manual operation of the PC Unit.

Risk Information

  • CVE ID
  • CVE-2020-25165
  • Vendor
  • Becton, Dickinson and Co.
  • Product
  • BD Alaris
  • CVSS v3
  • 6.5