PatchSiren cyber security CVE debrief
CVE-2024-1275 Baxter CVE debrief
CVE-2024-1275 is a HIGH severity vulnerability (CVSS 7.4) in the Baxter Welch Allyn Connex Spot Monitor (CSM), a medical device used for patient vital signs monitoring. The vulnerability stems from the use of a default cryptographic key for critical functionality, which could allow an attacker to modify device configurations and firmware data, potentially impacting or delaying patient care. The vulnerability affects CSM versions 1.52 and earlier. Baxter released a patched version (1.52.01) on October 16, 2023, prior to the CVE publication date of May 30, 2024. This is not a KEV-listed vulnerability and there is no indication of known ransomware campaign use.
- Vendor: Baxter
- Product: Welch Allyn Connex Spot Monitor (CSM)
- CVSS: HIGH 7.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-05-30
- Original CVE updated: 2024-05-30
- Advisory published: 2024-05-30
- Advisory updated: 2024-05-30
Who should care
Healthcare delivery organizations using Baxter Welch Allyn Connex Spot Monitor devices; biomedical engineering teams responsible for medical device security; clinical engineering departments managing patient monitoring equipment; healthcare CISOs and risk management officers responsible for medical device cybersecurity programs; HIPAA security officers concerned with medical device integrity as part of protected health information safeguards
Technical summary
The Baxter Welch Allyn Connex Spot Monitor (CSM) versions 1.52 and earlier use a default cryptographic key for critical functionality. This insecure default configuration allows an attacker with network access to potentially modify device configurations and firmware data. The vulnerability has a CVSS 3.1 score of 7.4 (HIGH) with vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N: a network attack vector with high attack complexity, no privileges or user interaction required, high impact on confidentiality and integrity, and no availability impact. The HIGH attack complexity indicates the attack is not trivial to execute. The vulnerability is particularly concerning in healthcare environments, where device integrity directly affects patient care delivery.
Defensive priority
HIGH
Recommended defensive actions
- Upgrade affected Baxter Welch Allyn Connex Spot Monitor devices to version 1.52.01 or later, which was released October 16, 2023
- Apply proper network and physical security controls to limit device exposure
- Configure a unique encryption key as described in the Connex Spot Monitor Service Manual rather than relying on the default key
- Review and implement CISA ICS recommended practices for medical device security
- Monitor device configurations for unauthorized changes that could indicate compromise
Evidence notes
Vulnerability confirmed via CISA ICS Medical Advisory ICSMA-24-151-02. Affected product: Baxter Welch Allyn Connex Spot Monitor (CSM) <=1.52. Remediation: Upgrade to version 1.52.01.
Official resources
- CVE-2024-1275 CVE record (CVE.org)
- CVE-2024-1275 NVD detail (NVD)
- Source item URL (cisa_csaf)
2024-05-30