High severity7.5NVD Advisory· Published Jun 29, 2020· Updated Jun 17, 2026
CVE-2020-12048
CVE-2020-12048
Description
Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption (e.g., TLS/SSL) when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. An attacker with access to the network could observe sensitive treatment and prescription data sent between the Phoenix system and the Exalis tool.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Phoenix/Phoenix Hemodialysis Delivery System SWdescription
- Range: 3.36, 3.40
Patches
Vulnerability mechanics
References
1- www.us-cert.gov/ics/advisories/icsma-20-170-03nvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.