These vulnerabilities are memory corruption issues, in which attackers may be able to execute arbitrary code on a victim’s machine. CVE-2022-3602 was originally assessed as a CRITICAL severity vulnerability, but it was downgraded to HIGH because it was deemed difficult to exploit with remote code execution (RCE).
Analysis & Action
B. Braun’s first analysis determined that NONE of our connected devices and health IT software:
- Infusion system Spaceplus
- Infusion system compactplus
- Infusion system Space
- Clinical IT Solution OnlineSuite and OnlineSuite plus
- Dialog+® Dialysis Machine
- OMNI® Acute Blood Purification System
- Dialog iQ® Dialysis Machine
CISA: OpenSSL Releases Security Update | CISA
OpenSSL Project: OpenSSL Advisory
4 Contact & further information
Please visit our website www.bbraun.com/productsecurity for further information.
You can also contact our global security team if you have any further questions, require detailed technical information, or any other support issue concerning Cybersecurity.
You can send an email to email@example.com.