A Classic Buffer Overflow issue exists in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior to copying, leading to a buffer overflow, allowing remote code execution on the target device. The pump receives the potentially malicious input infrequently and under certain conditions, increasing the difficulty of exploitation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
smiths-medical medfusion_4000_wireless_syringe_infusion_pump 1.1 |
||
smiths-medical medfusion_4000_wireless_syringe_infusion_pump 1.5 |
||
smiths-medical medfusion_4000_wireless_syringe_infusion_pump 1.6 |