Number: AV22-111
Date: 4 March 2022
On 3 March 2022 ICS-CERT published ICS Advisories to highlight vulnerabilities in the following products:
- BD Pyxis Anesthesia Station ES – all versions
- BD Pyxis Anesthesia Station 4000 – all versions
- BD Pyxis CATO – all versions
- BD Pyxis CIISafe – all versions
- BD Pyxis Inventory Connect – all versions
- BD Pyxis IV Prep – all versions
- BD Pyxis JITrBUD – all versions
- BD Pyxis KanBan RF – all versions
- BD Pyxis Logistics – all versions
- BD Pyxis Med Link Family – all versions
- BD Pyxis MedBank – all versions
- BD Pyxis MedStation 4000 – all versions
- BD Pyxis MedStation ES – all versions
- BD Pyxis MedStation ES Server – all versions
- BD Pyxis ParAssist – all versions
- BD Pyxis PharmoPack – all versions
- BD Pyxis ProcedureStation (including EC) – all versions
- BD Pyxis Rapid Rx – all versions
- BD Pyxis StockStation – all versions
- BD Pyxis SupplyCenter – all versions
- BD Pyxis SupplyRoller – all versions
- BD Pyxis SupplyStation (including RF, EC, CP) – all versions
- BD Pyxis Track and Deliver – all versions
- BD Rowa Pouch Packaging Systems – all versions
- BD Viper LT system – version 2.0 and later
Exploitation of these vulnerabilities could result in information disclosure.
The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates, when available.
ICS Advisory (ICSMA-22-062-01)
ICS Advisory (ICSMA-22-062-02)