- What is the severity of CVE-2024-1275?
- CVE-2024-1275 has been scored as a critical severity vulnerability.
- How to fix CVE-2024-1275?
- To fix CVE-2024-1275: Baxter has released a software update for all impacted devices and software to address this vulnerability. A new version of the product that mitigates the vulnerability is available as follows: * Welch Allyn Connex Spot Monitor: Version 1.52.01 (available October 16, 2023) Baxter recommends users upgrade to the latest versions of their products. Information on how to update products to their new versions can be found on the Baxter disclosure page https://www.baxter.com/product-security or the Hillrom disclosure page https://www.hillrom.com/en/responsible-disclosures/ . Baxter recommends the following workarounds to help reduce risk: * Apply proper network and physical security controls. * Ensure a unique encryption key is configured and applied to the product (as described in the Connex Spot Monitor Service Manual).
- Is CVE-2024-1275 being actively exploited in the wild?
- As for now, there are no information to confirm that CVE-2024-1275 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
- What software or system is affected by CVE-2024-1275?
- CVE-2024-1275 affects Baxter Welch Allyn Connex Spot Monitor.