The Hospira LifeCare PCA Infusion System prior to 7.0 does not validate network traffic associated with sending a (1) drug library, (2) software update, or (3) configuration change, which allows remote malicious users to modify settings or medication data via packets on the (a) TELNET, (b) HTTP, (c) HTTPS, or (d) UPNP port. NOTE: this issue might overlap CVE-2015-3459.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hospira lifecare_pcainfusion_firmware |