Known vulnerabilities

Known VulnerabilityBackground InformationAffected SCIEX ProductsRecommended ActionsComments
Windows 7 support has ended. There will be no security updates or any other support provided by Microsoft for Windows 7

20230126 Win7 obsolescence.pdf
https://support.microsoft.com/en-us/windows/windows-7-support-ended-on-january-14-2020-b75d4580-2cc7-895a-2c9c-1466d9a53962 https://learn.microsoft.com/en-us/troubleshoot/windows-client/windows-7-eos-faq/windows-7-extended-security-updates-faqAny acquisition or data processing computers operating on Windows 7Where possible, update the computer operating system to the SCIEX supported version of Windows 10.

Please contact customer support to discuss the best way to upgrade your system
To ensure system reliability and service support please make sure you are using preconfigured Windows 10 OS images provided by SCIEX for corresponding acquisition computers
CVE-2019-11157, CVE-2019-14598, CVE-2019-14607, CVE-2020-0531, CVE-2020-0532, CVE-2020-0534, CVE-2020-0535, CVE-2020-0536, CVE-2020-0537, CVE-2020-0538, CVE-2020-0539, CVE-2020-0540, CVE-2020-0541, CVE-2020-0542, CVE-2020-0594, CVE-2020-0595, CVE-2020-0596, CVE-2020-8674, CVE-2020-0543, CVE-2020-0548, CVE-2020-0549, CVE-2020-8753, CVE-2020-8744, CVE-2020-8745, CVE-2020-8705, CVE-2020-8757, CVE-2020-8756, CVE-2020-8760, CVE-2020-8754, CVE-2020-8747, CVE-2020-8755, CVE-2020-8746, CVE-2020-8749, CVE-2020-8752, CVE-2020-8696, CVE-2020-8698, CVE-2020-8694, CVE-2020-8695, CVE-2020-0587, CVE-2020-0591, CVE-2020-0592, CVE-2020-0593, CVE-2020-12303, CVE-2020-12355, CVE-2020-12356, CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-24507, CVE-2020-8703, CVE-2020-24506 , CVE-2020-24511, CVE-2020-24512, CVE-2021-0157, CVE-2021-33107, CVE-2021-0127, CVE-2021-0091, CVE-2021-0107, CVE-2021-0111, CVE-2021-0114, CVE-2021-0115, CVE-2021-0116, CVE-2021-0117, CVE-2021-0118, CVE-2021-0119, CVE-2021-0124, CVE-2021-0125, CVE-2021-0156, CVE-2021-3712, CVE-2021-33159, CVE-2022-21181, CVE-2022-0004, CVE-2022-0005, CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166, CVE-2022-21151, CVE-2022-29083 Alpha Workstation 2020Perform BIOS update to v 2.15The known vulnerabilities and listed as a cumulative collection between BIOS v 2.3.1 and BIOS v 2.15
CVE-2020-0587, CVE-2020-0591, CVE-2020-0592 CVE-2020-0593, CVE-2020-8696, CVE-2020-8698, CVE-2020-8694, CVE-2020-8695, CVE-2020-8753, CVE-2020-8745, CVE-2020-8705, CVE-2020-8757, CVE-2020-8756, CVE-2020-8760, CVE-2020-8751, CVE-2020-8754, CVE-2020-8747, CVE-2020-8746, CVE-2020-8749, CVE-2020-8752, CVE-2020-12303, CVE-2020-12355, CVE-2020-12356, CVE-2021-0099, CVE-2021-0103, CVE-2021-0107, CVE-2021-0111, CVE-2021-0114, CVE-2021-0115, CVE-2021-0115, CVE-2021-0116, CVE-2021-0117, CVE-2021-0118, CVE-2021-0125, and CVE-2021-0124 SCIEX Workstation, SCIEX Workstation+Perform BIOS updated version 2.25The known vulnerabilities and listed as a cumulative collection between BIOS v 2.4.0 and BIOS v 2.25
CVE-2020-0587, CVE-2020-0591, CVE-2020-0592 CVE-2020-0593, CVE-2020-8696, CVE-2020-8698, CVE-2020-8694, CVE-2020-8695, CVE-2020-8753, CVE-2020-8745, CVE-2020-8705, CVE-2020-8757, CVE-2020-8756, CVE-2020-8760, CVE-2020-8751, CVE-2020-8754, CVE-2020-8747, CVE-2020-8746, CVE-2020-8749, CVE-2020-8752, CVE-2020-12303, CVE-2020-12355, CVE-2020-12356, CVE-2021-0099, CVE-2021-0103, CVE-2021-0107, CVE-2021-0111, CVE-2021-0114, CVE-2021-0115, CVE-2021-0116, CVE-2021-0117, CVE-2021-0118, CVE-2021-0119, CVE-2021-0124, CVE-2021-0125, CVE-2021-0144, CVE-2021-0156, CVE-2021-0147, CVE-2022-2118, CVE-2022-0004, CVE-2021-21131, CVE-2021-21136, CVE-2022-21166, CVE-2021-0099, CVE-2021-0103, CVE-2021-0107, CVE-2021-0111, CVE-2021-0114, CVE-2021-0115, CVE-2021-0115, CVE-2021-0116, CVE-2021-0117, CVE-2021-0118, CVE-2021-0125, and CVE-2021-0124 TripleTOF Acquisition PC - Analyst TFPerform BIOS update version 2.25The known vulnerabilities and listed as a cumulative collection between BIOS v 2.4.0 and BIOS v 2.25
CVE-2020-0548 CVE-2020-0549, CVE-2020-0543, CVE-2020-5362, CVE-2020-0531, CVE-2020-0532, CVE-2020-0533, CVE-2020-0535, CVE-2020-0536, CVE-2020-0537, CVE-2020-0538, CVE-2020-0539, CVE-2020-0540, CVE-2020-0545, CVE-2020-0594, CVE-2020-0595, CVE-2020-0596, CVE-2020-8674, CVE-2020-8758, CVE-2022-26343 and CVE-2022-32231 ProteinPilot Processing PCPerform BIOS update version 2.29The known vulnerabilities and listed as a cumulative collection between BIOS v 2.3.1 and BIOS v 2.12
CVE-2021-44228: Apache Log4j2 arbitrary code execution.

NVD Guidance CVE-2021-44228

  1. StatusScope® 2.2 and below
  2. OneOmics™ 3.2
  1. To address StatusScope issue please:
    • -Apply StatusScope® Remote Monitoring 2.2.1, now available on the SCIEX Software Download page
  2. To address OneOmics issue, a patch has been deployed by SCIEX directly to the cloud. No action for customer.
N/A
Remote Desktop Protocol vulnerability (Bluekeep)Microsoft Customer GuidanceProducts using Windows 7 OSInstall Windows OS updates as recommended by MicrosoftN/A