Baxter Hillrom ELI Series Resting Electrocardiographs Hard-Coded Password Vulnerability

Vulnerability

A vulnerability allowing authentication abuse through hard-coded passwords has been identified in several models of the Baxter Hillrom ELI Resting Electrocardiographs. This issue affects the ELI 380, ELI 280/BUR280/MLBUR 280, ELI 250c/BUR 250c, and ELI 150c/BUR 150c/MLBUR 150c models; the affected versions vary by model. The hard-coded passwords could be exploited to bypass authentication mechanisms, potentially leading to unauthorized access or manipulation of device functions.

Impact

Exploitation of this vulnerability could allow unauthorized users to gain access to the affected electrocardiographs, potentially leading to unauthorized manipulation of patient data or device functions.

Remediation

Hillrom has released software updates for all impacted devices. Users are advised to upgrade to the latest product versions. Information on how to update these products can be found on the Hillrom disclosure page.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.3
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.