CVE-2016-9355 describes a physical-access vulnerability in the BD Alaris 8015 Point of Care unit where an unauthorized person who can disassemble the device and access its flash memory may retrieve unencrypted wireless network authentication credentials and other sensitive technical data. The issue is tied to how the device stores secrets on removable flash memory, which can reduce the chance of immediate [truncated]
CVE-2016-8375 is a physical-access information exposure issue in BD Alaris point-of-care units. The NVD record says affected devices can store unencrypted wireless network authentication credentials and other sensitive technical data in internal flash memory, which may be retrievable if an unauthorized person disassembles the unit and accesses the memory. Because the attack requires physical access, disas [truncated]
