CVE Disclosures
Swisslog Healthcare delivers medication supply chain solutions and services that require innovative and secure technology. Delivering these advanced solutions includes advising customers of potential vulnerabilities and helping to mitigate risks.
Our customers should approach information security as a critical implementation in order to protect their company from unwanted vulnerabilities. Swisslog Healthcare values transparency in offering advisories and disclosures which help the industry get stronger collectively.
| Vulnerability Name | Affected Component | CVE# | Date |
|---|---|---|---|
| Underflow in udpRXThread | HMI3 Control Panel in: Nexus Panel |
CVE-2021-37161 | 2 August 2021 |
| Overflow in sccProcessMsg | HMI3 Control Panel in: Nexus Panel |
CVE-2021-37162 | 2 August 2021 |
| Overflow in hmiProcessMsg | HMI3 Control Panel in: Nexus Panel |
CVE-2021-37165 | 2 August 2021 |
|
Off-by-three stack overflow in tcpTxThread |
HMI3 Control Panel in: Nexus Panel |
CVE-2021-37164 | 2 August 2021 |
| GUI socket Denial Of Service | HMI3 Control Panel in: Nexus Panel |
CVE-2021-37166 | 2 August 2021 |
| No firmware update validation | HMI3 Control Panel in: Nexus Panel |
CVE-2021-37160 | 2 August 2021 |
| Default credentials for the telnet server | HMI3 Control Panel in: Nexus Panel |
CVE-2021-37163 | 2 August 2021 |
| Privilege escalation | HMI3 Control Panel in: Nexus Panel |
CVE-2021-37167 | 2 August 2021 |
| No Impact: OpenSSL 3.0.0-3.0.6 |
Swisslog Healthcare Medication Management Solutions | CVE-2022-3602 | 1 November 2022 |
| No Impact: OpenSSL 3.0.0-3.0.6 |
Swisslog Healthcare Medication Management Solutions | CVE-2022-3786 | 1 November 2022 |