Hillrom Welch Allyn 缓冲区错误漏洞

CNNVD-ID编号	CNNVD-202106-107	CVE编号	CVE-2021-27410
发布时间	2021-06-01	更新时间	2021-06-02
漏洞类型	缓冲区错误	漏洞来源	N/A
危险等级	中危	威胁类型	N/A
厂商	N/A

漏洞介绍

Mmemed Welch Allyn Connex是西班牙Mmemed公司的一个工控设备。一款先进的触摸屏监视器。 Hillrom Welch Allyn 存在缓冲区错误漏洞，该漏洞源于越界的写入，攻击者可利用该漏洞任意代码执行。以下产品和版本受到影响：Welch Allyn Service Tool： versions prior to v1.10；Welch Allyn Connex Device Integration Suite – Network Connectivity Engine (NCE)： versions prior to v5.3；Welch Allyn Software Development Kit (SDK)： versions prior to v3.2；Welch Allyn Connex Central Station (CS)： versions prior to v1.8.6；Welch Allyn Service Monitor： versions prior to v1.7.0.0；Welch Allyn Connex Vital Signs Monitor (CVSM)： versions prior to v2.43.02；Welch Allyn Connex Integrated Wall System (CIWS)： versions prior to v2.43.02；Welch Allyn Connex Spot Monitor (CSM)： versions prior to v1.52；Welch Allyn Spot Vital Signs 4400 Device (Spot 4400) / Welch Allyn Spot 4400 Vital Signs Extended Care Device： versions prior to v1.11.00。