{ "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12047", "ASSIGNER": "ics-cert@hq.dhs.gov", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "n/a", "product": { "product_data": [ { "product_name": "Baxter Sigma Spectrum Infusion Pumps", "version": { "version_data": [ { "version_value": "Sigma Spectrum v6.x model 35700BAX,Spectrum v8.x model 35700BAX2,Sigma Spectrum v6.x with Wireless Battery Module (WBM) v9,v11,v13,v14,v15,v16,v20D29,v20D30,v20D31,v22D24, Spectrum v8.x w/WBM v17,v20D29,v20D30,v20D31,v22D24,Spectrum WBM v17,v20D29,v20D30,v20D31,v22D24,Spectrum LVP v8.x with WBM v17, v20D29,v20D30,v20D31,and v22D24" } ] } } ] } } ] } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "USE OF HARD-CODED PASSWORD CWE-259" } ] } ] }, "references": { "reference_data": [ { "refsource": "MISC", "name": "https://www.us-cert.gov/ics/advisories/icsma-20-170-04", "url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-04" } ] }, "description": { "description_data": [ { "lang": "eng", "value": "The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24), when used with a Baxter Spectrum v8.x (model 35700BAX2) in a factory-default wireless configuration enables an FTP service with hard-coded credentials." } ] } }