Sign-up

ID

VAR-201802-0479


CVE

CVE-2017-12720


TITLE

Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Authentication Bypass Vulnerability

Trust: 0.8

sources: IVD: a79097ff-b9f3-4163-a7d4-27fa4051686e // CNVD: CNVD-2017-25720

DESCRIPTION

An Improper Access Control issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump does not require authentication if the pump is configured to allow FTP connections. A buffer-overflow vulnerability 2. A denial-of-service vulnerability 3. An access-bypass vulnerability 4. Multiple security-bypass vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, cause a denial-of-service condition, bypass certain security restrictions, or gain unauthorized access to the device and perform unauthorized actions. This may lead to complete compromise of the device

Trust: 2.7

sources: NVD: CVE-2017-12720 // JVNDB: JVNDB-2017-012525 // CNVD: CNVD-2017-25720 // BID: 100665 // IVD: a79097ff-b9f3-4163-a7d4-27fa4051686e // VULHUB: VHN-103271

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: a79097ff-b9f3-4163-a7d4-27fa4051686e // CNVD: CNVD-2017-25720

AFFECTED PRODUCTS

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.1

Trust: 2.4

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.5

Trust: 2.4

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.6

Trust: 2.4

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.1

Trust: 0.6

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.5

Trust: 0.6

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.6

Trust: 0.6

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.6

Trust: 0.3

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.5

Trust: 0.3

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.1

Trust: 0.3

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.1

Trust: 0.2

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.5

Trust: 0.2

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.6

Trust: 0.2

sources: IVD: a79097ff-b9f3-4163-a7d4-27fa4051686e // CNVD: CNVD-2017-25720 // BID: 100665 // JVNDB: JVNDB-2017-012525 // CNNVD: CNNVD-201709-522 // NVD: CVE-2017-12720

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12720
value: HIGH

Trust: 1.0

NVD: CVE-2017-12720
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-25720
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201709-522
value: HIGH

Trust: 0.6

IVD: a79097ff-b9f3-4163-a7d4-27fa4051686e
value: HIGH

Trust: 0.2

VULHUB: VHN-103271
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-12720
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-25720
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: a79097ff-b9f3-4163-a7d4-27fa4051686e
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-103271
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12720
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: a79097ff-b9f3-4163-a7d4-27fa4051686e // CNVD: CNVD-2017-25720 // VULHUB: VHN-103271 // JVNDB: JVNDB-2017-012525 // CNNVD: CNNVD-201709-522 // NVD: CVE-2017-12720

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.1

problemtype:CWE-284

Trust: 0.9

sources: VULHUB: VHN-103271 // JVNDB: JVNDB-2017-012525 // NVD: CVE-2017-12720

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-522

TYPE

Access control error

Trust: 0.8

sources: IVD: a79097ff-b9f3-4163-a7d4-27fa4051686e // CNNVD: CNNVD-201709-522

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-012525

PATCH
title:Medfusion 4000 Wireless Syringe Infusion Pumpurl:https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump
Trust: 0.8
title:Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump authentication bypass vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/101784
Trust: 0.6
title:Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100043
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-25720 // 
            
            
            
            JVNDB: JVNDB-2017-012525 // 
            
            
            
            CNNVD: CNNVD-201709-522

EXTERNAL IDS
db:NVDid:CVE-2017-12720
Trust: 3.6
db:ICS CERTid:ICSMA-17-250-02A
Trust: 2.5
db:BIDid:100665
Trust: 2.0
db:CNNVDid:CNNVD-201709-522
Trust: 0.9
db:ICS CERTid:ICSMA-17-250-02
Trust: 0.9
db:CNVDid:CNVD-2017-25720
Trust: 0.8
db:JVNDBid:JVNDB-2017-012525
Trust: 0.8
db:IVDid:A79097FF-B9F3-4163-A7D4-27FA4051686E
Trust: 0.2
db:VULHUBid:VHN-103271
Trust: 0.1
sources:
            
            
            IVD: a79097ff-b9f3-4163-a7d4-27fa4051686e // 
            
            
            
            CNVD: CNVD-2017-25720 // 
            
            
            
            VULHUB: VHN-103271 // 
            
            
            
            BID: 100665 // 
            
            
            
            JVNDB: JVNDB-2017-012525 // 
            
            
            
            CNNVD: CNNVD-201709-522 // 
            
            
            
            NVD: CVE-2017-12720

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsma-17-250-02a
Trust: 2.5
url:http://www.securityfocus.com/bid/100665
Trust: 1.7
url:https://ics-cert.us-cert.gov/advisories/icsma-17-250-02
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12720
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-12720
Trust: 0.8
url:https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-25720 // 
            
            
            
            VULHUB: VHN-103271 // 
            
            
            
            BID: 100665 // 
            
            
            
            JVNDB: JVNDB-2017-012525 // 
            
            
            
            CNNVD: CNNVD-201709-522 // 
            
            
            
            NVD: CVE-2017-12720

CREDITS
Scott Gayou
Trust: 0.9
sources:
            
            
            BID: 100665 // 
            
            
            
            CNNVD: CNNVD-201709-522

SOURCES
db:IVDid:a79097ff-b9f3-4163-a7d4-27fa4051686e
db:CNVDid:CNVD-2017-25720
db:VULHUBid:VHN-103271
db:BIDid:100665
db:JVNDBid:JVNDB-2017-012525
db:CNNVDid:CNNVD-201709-522
db:NVDid:CVE-2017-12720

LAST UPDATE DATE
2024-11-23T22:22:13.793000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-25720date:2017-09-08T00:00:00
db:VULHUBid:VHN-103271date:2019-10-03T00:00:00
db:BIDid:100665date:2017-09-07T00:00:00
db:JVNDBid:JVNDB-2017-012525date:2018-03-19T00:00:00
db:CNNVDid:CNNVD-201709-522date:2019-10-23T00:00:00
db:NVDid:CVE-2017-12720date:2024-11-21T03:10:05.603

SOURCES RELEASE DATE
db:IVDid:a79097ff-b9f3-4163-a7d4-27fa4051686edate:2017-09-08T00:00:00
db:CNVDid:CNVD-2017-25720date:2017-09-08T00:00:00
db:VULHUBid:VHN-103271date:2018-02-15T00:00:00
db:BIDid:100665date:2017-09-07T00:00:00
db:JVNDBid:JVNDB-2017-012525date:2018-03-19T00:00:00
db:CNNVDid:CNNVD-201709-522date:2017-09-18T00:00:00
db:NVDid:CVE-2017-12720date:2018-02-15T10:29:00.273