CVE-2015-3956

🗓️ 25 Mar 2019 17:44:44Reported by icscertType

Hospira infusion systems allow unauthorized access to drug libraries and firmware update

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2015-3956	25 Mar 201921:27	–	circl
CNVD	Multiple Hospira Product Security Bypass Vulnerabilities	24 Jun 201500:00	–	cnvd
Cvelist	CVE-2015-3956	25 Mar 201917:44	–	cvelist
EUVD	EUVD-2015-3987	7 Oct 202500:30	–	euvd
ICS	Hospira Plum A+ and Symbiq Infusion Systems Vulnerabilities	13 Mar 201506:00	–	ics
NVD	CVE-2015-3956	25 Mar 201918:29	–	nvd
Prion	Design/Logic Flaw	25 Mar 201918:29	–	prion

NVD

Vulners

Node

pifzer plum_a+_infusion_system_firmwareRange≤13.4

AND

pifzer plum_a+_infusion_systemMatch-

Node

pifzer plum_a+3_infusion_system_firmwareRange≤13.6

AND

pifzer plum_a+3_infusion_systemMatch-

Node

pifzer symbiq_infusion_system_firmwareRange≤3.13

AND

pifzer symbiq_infusion_systemMatch-

[
  {
    "product": "Plum A+ Infusion System",
    "vendor": "Hospira",
    "versions": [
      {
        "status": "affected",
        "version": "<= 13.4"
      }
    ]
  },
  {
    "product": "Plum A+3 Infusion System",
    "vendor": "Hospira",
    "versions": [
      {
        "status": "affected",
        "version": "<= 13.6"
      }
    ]
  },
  {
    "product": "Symbiq Infusion System",
    "vendor": "Hospira",
    "versions": [
      {
        "status": "affected",
        "version": "<= 3.13"
      }
    ]
  }
]

Source	Link
ics-cert	www.ics-cert.us-cert.gov/advisories/ICSA-15-161-01

21 Nov 2024 02:30Current

9.3High risk

Vulners AI Score9.3

CVSS 39.8

CVSS 210

EPSS0.0018

CWE-345