Hillrom Welch Allyn 缓冲区错误漏洞

CNNVD-ID编号 CNNVD-202106-107
CVE编号 CVE-2021-27410
发布时间 2021-06-01
更新时间 2021-06-02
漏洞类型 缓冲区错误
漏洞来源 N/A
危险等级 中危
威胁类型 N/A
厂 商 N/A

漏洞介绍

Mmemed Welch Allyn Connex是西班牙Mmemed公司的一个工控设备。一款先进的触摸屏监视器。 Hillrom Welch Allyn 存在缓冲区错误漏洞,该漏洞源于越界的写入,攻击者可利用该漏洞任意代码执行。以下产品和版本受到影响:Welch Allyn Service Tool: versions prior to v1.10;Welch Allyn Connex Device Integration Suite – Network Connectivity Engine (NCE): versions prior to v5.3;Welch Allyn Software Development Kit (SDK): versions prior to v3.2;Welch Allyn Connex Central Station (CS): versions prior to v1.8.6;Welch Allyn Service Monitor: versions prior to v1.7.0.0;Welch Allyn Connex Vital Signs Monitor (CVSM): versions prior to v2.43.02;Welch Allyn Connex Integrated Wall System (CIWS): versions prior to v2.43.02;Welch Allyn Connex Spot Monitor (CSM): versions prior to v1.52;Welch Allyn Spot Vital Signs 4400 Device (Spot 4400) / Welch Allyn Spot 4400 Vital Signs Extended Care Device: versions prior to v1.11.00。

漏洞补丁

目前厂商已发布升级了Hillrom Welch Allyn 缓冲区错误漏洞的补丁,Hillrom Welch Allyn 缓冲区错误漏洞的补丁获取链接: https://www.hillrom.com/en/responsible-disclosures/

参考网址

  • 暂无

受影响实体

  • 暂无

信息来源