EUVD-2014-5294

Malware in sbrugna...

CVE-2014-5406

The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated with sending a 1 drug library, 2 software update, or 3 configuration change, which allows remote attackers to modify settings or medication data via packets on the a TELNET, b HTTP, c HTTPS, or d UPNP...

Design/Logic Flaw

The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated with sending a 1 drug library, 2 software update, or 3 configuration change, which allows remote attackers to modify settings or medication data via packets on the a TELNET, b HTTP, c HTTPS, or d UPNP...

CVE-2014-5406 Hospira LifeCare PCA Infusion System

The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated with sending a 1 drug library, 2 software update, or 3 configuration change, which allows remote attackers to modify settings or medication data via packets on the a TELNET, b HTTP, c HTTPS, or d UPNP...

CVE-2014-5406

Hospira LifeCare PCA Infusion System prior to version 7.0 is affected by CVE-2014-5406. The device’s network-facing components (TELNET, HTTP/HTTPS, UPNP) do not validate or restrict incoming traffic, enabling an unauthenticated remote attacker to modify drug libraries, software updates, or pump c...