Vulnerability
Unautenticated UART port in niscomed patient monitoring
Vulnerability Description
An issue was discovered on Nescomed Multipara Monitor M1000 devices.The physical UART debug port provides a shell, without requiring a password, with complete root access. This leads to compromised medical data and integrity of the device.
CVE-ID
CVE-2020-15483
Vendor
Nescomed
Product
M1000 Multipara Patient monitor
Disclosure Timeline
22 June 2020 reported to the vendor
22 July 2020 No response from the vendor and Public disclosure.
Credit
Arun Magesh