Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hospira vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-3957
Hospira LifeCare PCA Infusion System prior to 7.0 stores private keys and certificates, which has unspecified impact and attack vectors.
Hospira Lifecare Pcainfusion Firmware
Hospira Lifecare Pca5 -
Hospira Lifecare Pca3 -
NA
CVE-2015-3459
The communication module on the Hospira LifeCare PCA Infusion System prior to 7.0 does not require authentication for root TELNET sessions, which allows remote malicious users to modify the pump configuration via unspecified commands.
Hospira Lifecare Pcainfusion Firmware
Hospira Lifecare Pca5 -
Hospira Lifecare Pca3 -
7.3
CVSSv3
CVE-2015-7909
Stack-based buffer overflow in Hospira Communication Engine (CE) prior to 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote malicious users to cause a denial of service or possibly have unspecified other impa...
Hospira Communication Engine
Hospira Lifecare Pca Infusion System 5.0.7
NA
CVE-2014-5400
The installation component in Hospira MedNet prior to 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file.
Hospira Mednet
NA
CVE-2014-5406
The Hospira LifeCare PCA Infusion System prior to 7.0 does not validate network traffic associated with sending a (1) drug library, (2) software update, or (3) configuration change, which allows remote malicious users to modify settings or medication data via packets on the (a) T...
Hospira Lifecare Pcainfusion Firmware
NA
CVE-2015-3955
Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5.0 and previous versions, and possibly other versions, allows remote malicious users to execute arbitrary code via unspecified vectors.
Hospira Lifecare Pcainfusion Firmware
NA
CVE-2015-3958
Hospira LifeCare PCA Infusion System 5.0 and previous versions, and possibly other versions, allows remote malicious users to cause a denial of service (forced manual reboot) via a flood of TCP packets.
Hospira Lifecare Pcainfusion Firmware
9.8
CVSSv3
CVE-2014-5401
Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise Application Platform software that may allow unauthenticated users to execute arbitrary code on the target system. Hospira has developed a new version of the MedNet software, MedNet 6.1...
Hospira Mednet
NA
CVE-2015-1011
Hospira LifeCare PCA Infusion System prior to 7.0 has hardcoded credentials, which makes it easier for remote malicious users to obtain access via unspecified vectors.
Hospira Lifecare Pcainfusion Firmware
NA
CVE-2014-5403
Hospira MedNet prior to 6.1 uses hardcoded cryptographic keys for protection of data transmission from infusion pumps, which allows remote malicious users to obtain sensitive information by sniffing the network.
Hospira Mednet
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »