Unrated severityNVD Advisory· Published Jun 1, 2022· Updated Sep 16, 2024

BD Pyxis™ Products – Default Credentials

CVE-2022-22767

Description

Specific BD Pyxis™ products were installed with default credentials and may presently still operate with these credentials. There may be scenarios where BD Pyxis™ products are installed with the same default local operating system credentials or domain-joined server(s) credentials that may be shared across product types. If exploited, threat actors may be able to gain privileged access to the underlying file system and could potentially exploit or gain access to ePHI or other sensitive information.

Affected products

Becton Dickinson (bd)/Bd Rowa™ Pouch Packaging Systemsv5
Range: All versions
Becton Dickinson (bd)/Bd Pyxis™ Parassistv5
Range: All versions
Becton Dickinson (bd)/Bd Pyxis™ Supplystation™ Ecv5
Range: All versions
Becton Dickinson (bd)/Bd Pyxis™ Rapid Rxv5
Range: All versions
Becton Dickinson (bd)/Bd Pyxis™ Logisticsv5
Range: All versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cybersecurity.bd.com/bulletins-and-patches/bd-pyxis-products-default-credentialsmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000