CVE Vulnerabilities

CVE-2020-10598

Published: Apr 01, 2020 | Modified: Sep 14, 2021
CVSS 3.x
6.1
MEDIUM
Source:
NVD
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVSS 2.x
3.6 LOW
AV:L/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data.

Affected Software

Name Vendor Start Version End Version
Pyxis_medstation_es_firmware Bd 1.6.1 (including) 1.6.1 (including)

References