How severe is CVE-2014-5431?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2014-5431?

This is classified as CWE-259, which is a common weakness in software security.

CVE-2014-5431

MEDIUM Year: 2014

CVSS v3 Score

6.8

Medium

CVSS v2 Score

4.6

Medium

Weakness Type

CWE-259

View all →

Vulnerability Description

Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 contains a hard-coded password, which provides access to basic biomedical information, limited device settings, and network configuration of the WBM, if connected. The hard-coded password may allow an attacker with physical access to the device to access management functions to make unauthorized configuration changes to biomedical settings such as turn on and off wireless connections and the phase-complete audible alarm that indicates the end of an infusion phase. Baxter has released a new version of the SIGMA Spectrum Infusion System, version 8, which incorporates hardware and software changes.

CVE-2018-8870

MEDIUM

CVSS:6.8(Medium)

Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains a hard-coded operating system password. An attacker with physical access can remove the case of the device, connect to the debu...

CWE-2592018

CVE-2020-7590

MEDIUM

CVSS:6.8(Medium)

A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-202...

CWE-2592020

CVE-2023-0808

MEDIUM

CVSS:6.8(Medium)

A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471. It has been rated as problematic. This issue affects some unknown processing of the component Access Po...

CWE-2592023

CVE-2023-28895

MEDIUM

CVSS:6.8(Medium)

The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB...

CWE-2592023

CVE-2025-1879

LOW

CVSS:6.8(Medium)

A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded cre...

CWE-2592025

CVE-2025-25984

MEDIUM

CVSS:6.8(Medium)

An issue in Macro-video Technologies Co.,Ltd V380E6_C1 IP camera (Hw_HsAKPIQp_WF_XHR) 1020302 allows a physically proximate attacker to execute arbitrary code via UART component.

CWE-2592025

CVE-2014-5431

Vulnerability Description

Related Vulnerabilities

CVE-2018-8870

CVE-2020-7590

CVE-2023-0808

CVE-2023-28895

CVE-2025-1879

CVE-2025-25984