14 matches found
Hardcoded credentials
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...
CVE-2015-3952
Wireless keys are stored in plain text on Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...
CVE-2015-3953
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...
CVE-2015-3965
Hospira Symbiq Infusion System 3.13 and earlier allows remote authenticated users to trigger "unanticipated operations" by leveraging "elevated privileges" for an unspecified call to an incorrectly exposed function...
CVE-2015-3965
Hospira Symbiq Infusion System 3.13 and earlier allows remote authenticated users to trigger "unanticipated operations" by leveraging "elevated privileges" for an unspecified call to an incorrectly exposed function...
Hospira Symbiq Infusion System Unauthorized Access Vulnerability
The Hospira Symbiq Infusion System is an intelligent infusion system from Hospira USA. An unauthorized access vulnerability exists in the Hospira Symbiq Infusion System, which allows remote attackers to bypass restrictions and perform unauthorized operations...
Information Disclosure Vulnerability in Multiple Hospira Products
The Hospira Plum A+ Infusion System, Plum A+3 Infusion System and Symbiq Infusion System are all intelligent infusion systems from Hospira. An information disclosure vulnerability exists in multiple Hospira products. An attacker could exploit this vulnerability to obtain sensitive information...
Local Security Bypass Vulnerability in Multiple Hospira Products
The Hospira Plum A+ Infusion System, Plum A+3 Infusion System and Symbiq Infusion System are all intelligent infusion systems from Hospira. A local security bypass vulnerability exists in multiple Hospira products. A local attacker could exploit this vulnerability to bypass security restrictions...
Remote Denial of Service Vulnerability in Multiple Hospira Products
The Hospira Plum A+ Infusion System, Plum A+3 Infusion System and Symbiq Infusion System are all intelligent infusion systems from Hospira. A remote denial of service vulnerability exists in multiple Hospira products. An attacker could exploit this vulnerability to cause a denial of service...
Stack Buffer Overflow Vulnerability in Multiple Hospira Products
The Hospira Plum A+ Infusion System, Plum A+3 Infusion System and Symbiq Infusion System are all intelligent infusion systems from Hospira. A stack buffer overflow vulnerability exists in multiple Hospira products due to the program failing to perform proper boundary checks on user-submitted inpu...
Hardcoded Password Security Bypass Vulnerability in Multiple Hospira Products
The Hospira Plum A+ Infusion System, Plum A+3 Infusion System and Symbiq Infusion System are all intelligent infusion systems from Hospira. A security bypass vulnerability exists in multiple Hospira products. An attacker could exploit this vulnerability to bypass security restrictions and gain...
Authentication Bypass Vulnerability in Multiple Hospira Products
The Hospira Plum A+ Infusion System, Plum A+3 Infusion System and Symbiq Infusion System are all intelligent infusion systems from Hospira. An authentication bypass vulnerability exists in multiple Hospira products. An attacker could use this vulnerability to bypass the authentication mechanism a...
Multiple Hospira Product Security Bypass Vulnerabilities
The Hospira Plum A+ Infusion System, Plum A+3 Infusion System and Symbiq Infusion System are all intelligent infusion systems from Hospira. A security bypass vulnerability exists in multiple Hospira products. An attacker could exploit the vulnerability to bypass security restrictions and perform...
Hospira Symbiq Infusion System Vulnerability
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on June 23, 2015, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Billy Rios identified a vulnerability in Hospira’s Symbiq Infusion System, which can be exploited to remotely control th...