CVE-2024-48967

CVSS 3.1 Score 10 of 10 (high)

Details

Published Nov 14, 2024

Updated: Nov 15, 2024

CWE ID 778

Summary

CVE-2024-48967 is a cybersecurity vulnerability affecting certain ventilators and their Service PCs. This issue lies in the insufficient audit logging capabilities, making it difficult to detect and investigate malicious activity. An attacker with access to the ventilator and/or Service PC can manipulate settings undetected, potentially leading to unauthorized information disclosure and unintended impacts on device performance. This vulnerability highlights the importance of robust audit logging and monitoring systems in critical healthcare devices.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Baxter International Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/zYeiZJ
https://www.cve.org/CVERecord?id=CVE-2024-48967
https://nvd.nist.gov/vuln/detail/CVE-2024-48967

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Know What Matters

For Customers

For Partners

CVE-2024-48967

CVSS 3.1 Score 10 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations