http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202106-107

Mmemed Welch Allyn Connex是西班牙Mmemed公司的一个工控设备。一款先进的触摸屏监视器。 Hillrom Welch Allyn 存在缓冲区错误漏洞，该漏洞源于越界的写入，攻击者可利用该漏洞任意代码执行。以下产品和版本受到影响：Welch Allyn Service Tool： versions prior to v1.10；Welch Allyn Connex Device Integration Suite – Network Connectivity Engine (NCE)： versions prior to v5.3；Welch Allyn Software Development Kit (SDK)： versions prior to v3.2；Welch Allyn Connex Central Station (CS)： versions prior to v1.8.6；Welch Allyn Service Monitor： versions prior to v1.7.0.0；Welch Allyn Connex Vital Signs Monitor (CVSM)： versions prior to v2.43.02；Welch Allyn Connex Integrated Wall System (CIWS)： versions prior to v2.43.02；Welch Allyn Connex Spot Monitor (CSM)： versions prior to v1.52；Welch Allyn Spot Vital Signs 4400 Device (Spot 4400) / Welch Allyn Spot 4400 Vital Signs Extended Care Device： versions prior to v1.11.00。

来源:us-cert.cisa.gov

链接:https://us-cert.cisa.gov/ics/advisories/icsma-21-152-01