CVE-2024-48974

CVSS 3.1 Score 9.3 of 10 (high)

Details

Published Nov 14, 2024

Updated: Nov 15, 2024

CWE ID 494

Summary

CVE-2024-48974 refers to a vulnerability in certain ventilator devices. The issue lies in the lack of adequate file integrity checks during the adoption of firmware updates. An attacker can exploit this vulnerability by introducing unauthorized changes to the device's configuration settings or pushing a compromised firmware file. Consequences may include device dysfunction and unauthorized information disclosure.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Baxter International Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/zYeUfc
https://www.cve.org/CVERecord?id=CVE-2024-48974
https://nvd.nist.gov/vuln/detail/CVE-2024-48974

Back to Vulnerability Database

CVE-2024-48974

CVSS 3.1 Score 9.3 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations