9 matches found
Hardcoded credentials
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...
CVE-2015-3953
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...
CVE-2015-3965
Hospira Symbiq Infusion System 3.13 and earlier allows remote authenticated users to trigger "unanticipated operations" by leveraging "elevated privileges" for an unspecified call to an incorrectly exposed function...
CVE-2015-3965
Hospira Symbiq Infusion System 3.13 and earlier allows remote authenticated users to trigger "unanticipated operations" by leveraging "elevated privileges" for an unspecified call to an incorrectly exposed function...
Local Security Bypass Vulnerability in Multiple Hospira Products
The Hospira Plum A+ Infusion System, Plum A+3 Infusion System and Symbiq Infusion System are all intelligent infusion systems from Hospira. A local security bypass vulnerability exists in multiple Hospira products. A local attacker could exploit this vulnerability to bypass security restrictions...
Stack Buffer Overflow Vulnerability in Multiple Hospira Products
The Hospira Plum A+ Infusion System, Plum A+3 Infusion System and Symbiq Infusion System are all intelligent infusion systems from Hospira. A stack buffer overflow vulnerability exists in multiple Hospira products due to the program failing to perform proper boundary checks on user-submitted inpu...
Hardcoded Password Security Bypass Vulnerability in Multiple Hospira Products
The Hospira Plum A+ Infusion System, Plum A+3 Infusion System and Symbiq Infusion System are all intelligent infusion systems from Hospira. A security bypass vulnerability exists in multiple Hospira products. An attacker could exploit this vulnerability to bypass security restrictions and gain...
Multiple Hospira Product Security Bypass Vulnerabilities
The Hospira Plum A+ Infusion System, Plum A+3 Infusion System and Symbiq Infusion System are all intelligent infusion systems from Hospira. A security bypass vulnerability exists in multiple Hospira products. An attacker could exploit the vulnerability to bypass security restrictions and perform...
Hospira Symbiq Infusion System Vulnerability
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on June 23, 2015, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Billy Rios identified a vulnerability in Hospira’s Symbiq Infusion System, which can be exploited to remotely control th...