- What is the severity of CVE-2024-5176?
- CVE-2024-5176 has been scored as a critical severity vulnerability.
- How to fix CVE-2024-5176?
- To fix CVE-2024-5176: Baxter has found no evidence to date of any compromise of personal or health data. Baxter will release a software update for all impacted software to address this vulnerability. A new version of the product that mitigates the vulnerability will be available as follows: * Welch Allyn Product Configuration Tool versions 1.9.4.2: Available Q3 2024 * No user action will be required once the update is released. Baxter recommends the following workarounds to help reduce risk: * Apply proper network and physical security controls. * The Welch Allyn Configuration Tool has been removed from public access. Customers are advised to contact Baxter Technical Support or their Baxter Project Manager to create configuration files, as needed. Baxter Technical Support can be reached at (800)535-6663, option 2.
- Is CVE-2024-5176 being actively exploited in the wild?
- As for now, there are no information to confirm that CVE-2024-5176 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
- What software or system is affected by CVE-2024-5176?
- CVE-2024-5176 affects Baxter Welch Allyn Configuration Tool.