OTPulse

Baxter SIGMA Spectrum Infusion System Vulnerabilities

Low Risk · ICS-CERT ICSA-15-181-01 · Apr 2, 2015
Summary

The Baxter SIGMA Spectrum Infusion System model 35700BAX contains hardcoded or weak credentials (CWE-259) that could allow an attacker with network access to authenticate to the device and modify infusion parameters. The vulnerability affects medication delivery safety and patient care. No firmware patch is available from Baxter.

What this means
What could happen
An attacker with network access to the infusion system could gain unauthorized control over medication delivery settings, potentially altering dosage rates or stopping infusion flow, which could harm patients receiving intravenous therapy.
Who's at risk
Healthcare facilities using Baxter SIGMA Spectrum infusion pumps for medication delivery. This affects nursing units, intensive care areas, oncology departments, and any setting where patients receive intravenous medications through networked infusion systems.
How it could be exploited
An attacker on the network could connect to the SIGMA Spectrum system and exploit hardcoded or weak credentials (CWE-259) to authenticate to the infusion pump's control interface, then modify infusion parameters without authorization.
Prerequisites
  • Network access to the SIGMA Spectrum Infusion System
  • Knowledge of or ability to discover default/hardcoded credentials used by the system
Affects safety-critical medical device · Default or hardcoded credentials · No patch available · Patient safety risk
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
Product | Affected Versions | Fix Status
SIGMA Spectrum Infusion System (model 35700BAX): 6.05 | 6.05 | No fix yet
Remediation & Mitigation
Do now
  • HARDENING: Implement network segmentation to restrict access to SIGMA Spectrum infusion systems; only authorized clinical and IT staff should have network connectivity to these devices
  • HARDENING: Monitor network traffic to and from infusion pumps for unauthorized access attempts or configuration changes
  • WORKAROUND: Disable remote access capabilities on the infusion system if not operationally required
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

  • HARDENING: Implement access controls and authentication logs to track all connections and configuration modifications to infusion systems
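
One way to check the segmentation and traffic-monitoring items above against firewall or flow logs. This is an added example, not part of the advisory or any vendor tooling; the subnets, allowlist, log format, ports and sample records are all constructed assumptions.

```python
import csv
import io
from ipaddress import ip_address, ip_network

# All addresses below are constructed placeholders, not values from the advisory.
PUMP_SEGMENT = ip_network("10.20.30.0/24")   # assumed infusion-pump VLAN
AUTHORIZED_SOURCES = [                       # assumed clinical/IT allowlist
    ip_network("10.20.40.10/32"),            # hypothetical pump management server
    ip_network("10.20.41.0/28"),             # hypothetical biomed workstations
]

# Constructed flow records: timestamp, source, destination, dest port, action
SAMPLE_FLOWS = """\
2015-04-02T08:00:01Z,10.20.40.10,10.20.30.15,8443,allow
2015-04-02T08:03:12Z,10.20.41.5,10.20.30.15,8443,allow
2015-04-02T08:05:44Z,192.168.7.23,10.20.30.15,8443,allow
2015-04-02T08:05:50Z,192.168.7.23,10.20.30.16,8443,deny
2015-04-02T08:06:02Z,10.20.30.15,10.20.40.10,443,allow
2015-04-02T08:07:30Z,10.20.50.9,10.20.60.1,80,allow
"""

def find_violations(flow_csv):
    """Flag flows into the pump segment from sources outside the allowlist.
    'allow' = the segmentation rule has a gap; 'deny' = blocked, but worth triage."""
    findings = []
    for row in csv.reader(io.StringIO(flow_csv)):
        if len(row) != 5:
            continue  # skip malformed or blank records
        ts, src, dst, port, action = row
        if ip_address(dst) not in PUMP_SEGMENT:
            continue  # only traffic toward pumps is in scope
        if any(ip_address(src) in net for net in AUTHORIZED_SOURCES):
            continue
        kind = "SEGMENTATION_GAP" if action == "allow" else "BLOCKED_ATTEMPT"
        findings.append({"time": ts, "src": src, "dst": dst, "port": int(port), "kind": kind})
    return findings

def summarize(findings):
    """Group findings per source so one host touching several pumps stands out."""
    per_src = {}
    for f in findings:
        entry = per_src.setdefault(f["src"], {"pumps": set(), "kinds": set()})
        entry["pumps"].add(f["dst"])
        entry["kinds"].add(f["kind"])
    return per_src

if __name__ == "__main__":
    for finding in find_violations(SAMPLE_FLOWS):
        print(finding)
```

A SEGMENTATION_GAP finding means a firewall rule needs tightening; a BLOCKED_ATTEMPT means the control held and the source host should be investigated.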