CVE-2021-43550
low-risk
Published 2021-12-27
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
Do I need to act?
-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.9/10
Medium
ADJACENT_NETWORK
/ HIGH complexity
Affected Products (4)
Patient Information Center Ix
Patient Information Center Ix
Efficia Cm Firmware
Efficia Cm Firmware
Affected Vendors
References (2)
Third Party Advisory
https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02
Third Party Advisory
https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02
25
/ 100
low-risk
Severity
15/34 · Moderate
Exploitability
0/34 · Minimal
Exposure
10/34 · Low