How severe is CVE-2020-12016?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2020-12016?

This is classified as CWE-259, which is a common weakness in software security.

CVE-2020-12016

CRITICAL Year: 2020

CVSS v3 Score

9.8

Critical

CVSS v2 Score

10.0

Critical

Weakness Type

CWE-259

View all →

Vulnerability Description

Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 have hard-coded administrative account credentials for the ExactaMix operating system. Successful exploitation of this vulnerability may allow an attacker who has gained unauthorized access to system resources, including access to execute software or to view/update files, directories, or system configuration. This could allow an attacker with network access to view sensitive data including PHI.

CVE-2014-125030

CRITICAL

CVSS:9.8(Critical)

A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected by this issue is some unknown functionality. The manipulation leads to use of hard-coded password. The ...

CWE-2592014

CVE-2014-5434

CRITICAL

CVSS:9.8(Critical)

Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 has a default account with hard-coded credentials used with the FTP protocol. Baxter a...

CWE-2592014

CVE-2015-3953

CRITICAL

CVSS:9.8(Critical)

Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. H...

CWE-2592015

CVE-2016-9358

CRITICAL

CVSS:9.8(Critical)

A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bi...

CWE-2592016

CVE-2017-20039

CRITICAL

CVSS:9.8(Critical)

A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very critical. This affects an unknown part. The manipulation leads to weak authentication. It is possible to...

CWE-2592017

CVE-2017-6022

CRITICAL

CVSS:9.8(Critical)

A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use har...

CWE-2592017

CVE-2020-12016

Vulnerability Description

Related Vulnerabilities

CVE-2014-125030

CVE-2014-5434

CVE-2015-3953

CVE-2016-9358

CVE-2017-20039

CVE-2017-6022