Sign-up

ID

VAR-201802-0480


CVE

CVE-2017-12721


TITLE

Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Man-in-the-middle attack vulnerability

Trust: 0.8

sources: IVD: 2b1098e5-6ddd-4e00-9692-2497ab210eea // CNVD: CNVD-2017-25717

DESCRIPTION

An Improper Certificate Validation issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump does not validate host certificates, leaving the pump vulnerable to a man-in-the-middle (MITM) attack. A buffer-overflow vulnerability 2. A denial-of-service vulnerability 3. An access-bypass vulnerability 4. Multiple security-bypass vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, cause a denial-of-service condition, bypass certain security restrictions, or gain unauthorized access to the device and perform unauthorized actions. This may lead to complete compromise of the device. A remote attacker can exploit this vulnerability to implement a man-in-the-middle attack

Trust: 2.7

sources: NVD: CVE-2017-12721 // JVNDB: JVNDB-2017-012526 // CNVD: CNVD-2017-25717 // BID: 100665 // IVD: 2b1098e5-6ddd-4e00-9692-2497ab210eea // VULHUB: VHN-103272

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 2b1098e5-6ddd-4e00-9692-2497ab210eea // CNVD: CNVD-2017-25717

AFFECTED PRODUCTS

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.1

Trust: 2.4

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.5

Trust: 2.4

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.6

Trust: 2.4

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.1

Trust: 0.6

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.5

Trust: 0.6

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.6

Trust: 0.6

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.6

Trust: 0.3

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.5

Trust: 0.3

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.1

Trust: 0.3

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.1

Trust: 0.2

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.5

Trust: 0.2

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.6

Trust: 0.2

sources: IVD: 2b1098e5-6ddd-4e00-9692-2497ab210eea // CNVD: CNVD-2017-25717 // BID: 100665 // JVNDB: JVNDB-2017-012526 // CNNVD: CNNVD-201709-525 // NVD: CVE-2017-12721

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12721
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-12721
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-25717
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201709-525
value: MEDIUM

Trust: 0.6

IVD: 2b1098e5-6ddd-4e00-9692-2497ab210eea
value: MEDIUM

Trust: 0.2

VULHUB: VHN-103272
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-12721
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-25717
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 2b1098e5-6ddd-4e00-9692-2497ab210eea
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-103272
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12721
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: IVD: 2b1098e5-6ddd-4e00-9692-2497ab210eea // CNVD: CNVD-2017-25717 // VULHUB: VHN-103272 // JVNDB: JVNDB-2017-012526 // CNNVD: CNNVD-201709-525 // NVD: CVE-2017-12721

PROBLEMTYPE DATA

problemtype:CWE-295

Trust: 1.9

sources: VULHUB: VHN-103272 // JVNDB: JVNDB-2017-012526 // NVD: CVE-2017-12721

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-525

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201709-525

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-012526

PATCH
title:Medfusion 4000 Wireless Syringe Infusion Pumpurl:https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump
Trust: 0.8
title:Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Patch for Man-in-the-Middle Attack Vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/101781
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-25717 // 
            
            
            
            JVNDB: JVNDB-2017-012526

EXTERNAL IDS
db:NVDid:CVE-2017-12721
Trust: 3.6
db:ICS CERTid:ICSMA-17-250-02A
Trust: 2.5
db:BIDid:100665
Trust: 2.0
db:CNNVDid:CNNVD-201709-525
Trust: 0.9
db:ICS CERTid:ICSMA-17-250-02
Trust: 0.9
db:CNVDid:CNVD-2017-25717
Trust: 0.8
db:JVNDBid:JVNDB-2017-012526
Trust: 0.8
db:IVDid:2B1098E5-6DDD-4E00-9692-2497AB210EEA
Trust: 0.2
db:VULHUBid:VHN-103272
Trust: 0.1
sources:
            
            
            IVD: 2b1098e5-6ddd-4e00-9692-2497ab210eea // 
            
            
            
            CNVD: CNVD-2017-25717 // 
            
            
            
            VULHUB: VHN-103272 // 
            
            
            
            BID: 100665 // 
            
            
            
            JVNDB: JVNDB-2017-012526 // 
            
            
            
            CNNVD: CNNVD-201709-525 // 
            
            
            
            NVD: CVE-2017-12721

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsma-17-250-02a
Trust: 2.5
url:http://www.securityfocus.com/bid/100665
Trust: 1.7
url:https://ics-cert.us-cert.gov/advisories/icsma-17-250-02
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12721
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-12721
Trust: 0.8
url:https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-25717 // 
            
            
            
            VULHUB: VHN-103272 // 
            
            
            
            BID: 100665 // 
            
            
            
            JVNDB: JVNDB-2017-012526 // 
            
            
            
            CNNVD: CNNVD-201709-525 // 
            
            
            
            NVD: CVE-2017-12721

CREDITS
Scott Gayou
Trust: 0.9
sources:
            
            
            BID: 100665 // 
            
            
            
            CNNVD: CNNVD-201709-525

SOURCES
db:IVDid:2b1098e5-6ddd-4e00-9692-2497ab210eea
db:CNVDid:CNVD-2017-25717
db:VULHUBid:VHN-103272
db:BIDid:100665
db:JVNDBid:JVNDB-2017-012526
db:CNNVDid:CNNVD-201709-525
db:NVDid:CVE-2017-12721

LAST UPDATE DATE
2024-11-23T22:22:13.937000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-25717date:2017-09-08T00:00:00
db:VULHUBid:VHN-103272date:2018-03-02T00:00:00
db:BIDid:100665date:2017-09-07T00:00:00
db:JVNDBid:JVNDB-2017-012526date:2018-03-19T00:00:00
db:CNNVDid:CNNVD-201709-525date:2017-09-18T00:00:00
db:NVDid:CVE-2017-12721date:2024-11-21T03:10:05.720

SOURCES RELEASE DATE
db:IVDid:2b1098e5-6ddd-4e00-9692-2497ab210eeadate:2017-09-08T00:00:00
db:CNVDid:CNVD-2017-25717date:2017-09-08T00:00:00
db:VULHUBid:VHN-103272date:2018-02-15T00:00:00
db:BIDid:100665date:2017-09-07T00:00:00
db:JVNDBid:JVNDB-2017-012526date:2018-03-19T00:00:00
db:CNNVDid:CNNVD-201709-525date:2017-09-18T00:00:00
db:NVDid:CVE-2017-12721date:2018-02-15T10:29:00.320