NA - CVE-2025-0680 - Affected products contain a vulnerability in...
Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud.
NA - CVE-2025-0681 - The Cloud MQTT service of the affected products...
The Cloud MQTT service of the affected products supports wildcard topic subscription which could allow an attacker to obtain sensitive information from tapping the service communications.
NA - CVE-2025-0683 - In its default configuration, the affected...
In its default configuration, the affected product transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of...
NA - CVE-2025-24502 - An improper session validation allows an...
An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.
NA - CVE-2025-24505 - This vulnerability allows a high-privileged...
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.