How severe is CVE-2020-12024?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2020-12024?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2020-12024 - MEDIUM Severity | CVSS 6.1

Vulnerability Description

Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 does not restrict access to the USB interface from an unauthorized user with physical access. Successful exploitation of this vulnerability may allow an attacker with physical access to the system the ability to load an unauthorized payload or unauthorized access to the hard drive by booting a live USB OS. This could impact confidentiality and integrity of the system and risk exposure of sensitive information including PHI.

Related Vulnerabilities

CVE-2014-8168

MEDIUM

CVSS:6.1(Medium)

Red Hat Satellite 6 allows local users to access mongod and delete pulp_database.

CWE-2842014

CVE-2014-9717

MEDIUM

CVSS:6.1(Medium)

fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restri...

CWE-2842014

CVE-2016-1492

MEDIUM

CVSS:6.1(Medium)

The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveragin...

CWE-2842016

CVE-2016-5606

MEDIUM

CVSS:6.1(Medium)

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones.

CWE-2842016

CVE-2016-5622

MEDIUM

CVSS:6.1(Medium)

Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote attackers...

CWE-2842016

CVE-2016-7223

MEDIUM

CVSS:6.1(Medium)

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files,...

CWE-2842016