CVE-2014-5406
Hospira LifeCare PCA Infusion System prior to version 7.0 is affected by CVE-2014-5406. The device’s network-facing components (TELNET, HTTP/HTTPS, UPNP) do not validate or restrict incoming traffic, enabling an unauthenticated remote attacker to modify drug libraries, software updates, or pump c...