Multiple vulnerabilities in Hillrom Medical Welch Allyn medical devices
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2022-26388 CVE-2022-26389 |
| CWE-ID | CWE-259 CWE-284 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Welch Allyn ELI 380 Resting Electrocardiograph Hardware solutions / Medical equipment Welch Allyn ELI 280 Resting Electrocardiograph Hardware solutions / Medical equipment Welch Allyn ELI BUR280 Resting Electrocardiograph Hardware solutions / Medical equipment Welch Allyn ELI MLBUR 280 Resting Electrocardiograph Hardware solutions / Medical equipment Welch Allyn ELI 250c Resting Electrocardiograph Hardware solutions / Medical equipment Welch Allyn ELI BUR 250c Resting Electrocardiograph Hardware solutions / Medical equipment Welch Allyn ELI 150c Resting Electrocardiograph Hardware solutions / Medical equipment Welch Allyn ELI BUR 150c Resting Electrocardiograph Hardware solutions / Medical equipment Welch Allyn ELI MLBUR 150c Resting Electrocardiograph Hardware solutions / Medical equipment |
| Vendor | Hill-Rom Services |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Use of Hard-coded Password
EUVDB-ID: #VU64470
Risk: Low
CVSSv4.0: 3.9 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-26388
CWE-ID:
CWE-259 - Use of Hard-coded Password
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the software contains a hard-coded password. An attacker with physical access can cause privileged operation execution.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWelch Allyn ELI 380 Resting Electrocardiograph: 2.6.0
Welch Allyn ELI 280 Resting Electrocardiograph: 2.3.1
Welch Allyn ELI BUR280 Resting Electrocardiograph: 2.3.1
Welch Allyn ELI MLBUR 280 Resting Electrocardiograph: 2.3.1
Welch Allyn ELI 250c Resting Electrocardiograph: 2.1.2
Welch Allyn ELI BUR 250c Resting Electrocardiograph: 2.1.2
Welch Allyn ELI 150c Resting Electrocardiograph: 2.2.0
Welch Allyn ELI BUR 150c Resting Electrocardiograph: 2.2.0
Welch Allyn ELI MLBUR 150c Resting Electrocardiograph: 2.2.0
CPE2.3- cpe:2.3:h:hill-rom_services:welch_allyn_eli_380_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_380_resting_electrocardiograph:2.6.0:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_280_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_280_resting_electrocardiograph:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_bur280_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_bur280_resting_electrocardiograph:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_mlbur_280_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_mlbur_280_resting_electrocardiograph:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_250c_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_250c_resting_electrocardiograph:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_bur_250c_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_150c_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_bur_150c_resting_electrocardiograph:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_mlbur_150c_resting_electrocardiograph:*:*:*:*:*:*:*:*
http://ics-cert.us-cert.gov/advisories/icsma-22-167-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper access control
EUVDB-ID: #VU64472
Risk: Low
CVSSv4.0: 2.4 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-26389
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to the affected software does not restrict or incorrectly restricts access to a resource from an unauthorized actor. A remote user can bypass implemented security restrictions and gain unauthorized access to the application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWelch Allyn ELI 380 Resting Electrocardiograph: 2.6.0
Welch Allyn ELI 280 Resting Electrocardiograph: 2.3.1
Welch Allyn ELI BUR280 Resting Electrocardiograph: 2.3.1
Welch Allyn ELI MLBUR 280 Resting Electrocardiograph: 2.3.1
Welch Allyn ELI 250c Resting Electrocardiograph: 2.1.2
Welch Allyn ELI BUR 250c Resting Electrocardiograph: 2.1.2
Welch Allyn ELI 150c Resting Electrocardiograph: 2.2.0
Welch Allyn ELI BUR 150c Resting Electrocardiograph: 2.2.0
Welch Allyn ELI MLBUR 150c Resting Electrocardiograph: 2.2.0
CPE2.3- cpe:2.3:h:hill-rom_services:welch_allyn_eli_380_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_380_resting_electrocardiograph:2.6.0:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_280_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_280_resting_electrocardiograph:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_bur280_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_bur280_resting_electrocardiograph:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_mlbur_280_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_mlbur_280_resting_electrocardiograph:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_250c_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_250c_resting_electrocardiograph:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_bur_250c_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_150c_resting_electrocardiograph:*:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_bur_150c_resting_electrocardiograph:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:h:hill-rom_services:welch_allyn_eli_mlbur_150c_resting_electrocardiograph:*:*:*:*:*:*:*:*
http://ics-cert.us-cert.gov/advisories/icsma-22-167-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
