Sign-up

ID

VAR-201802-0483


CVE

CVE-2017-12724


TITLE

Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Vulnerabilities related to the use of hard-coded credentials

Trust: 0.8

sources: JVNDB: JVNDB-2017-012528

DESCRIPTION

A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump contains hardcoded credentials, which are not fully initialized. The FTP server is only accessible if the pump is configured to allow FTP connections. A buffer-overflow vulnerability 2. A denial-of-service vulnerability 3. An access-bypass vulnerability 4. Multiple security-bypass vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, cause a denial-of-service condition, bypass certain security restrictions, or gain unauthorized access to the device and perform unauthorized actions. This may lead to complete compromise of the device. A remote attacker can exploit this vulnerability to access the FTP server

Trust: 2.79

sources: NVD: CVE-2017-12724 // JVNDB: JVNDB-2017-012528 // CNVD: CNVD-2017-25719 // BID: 100665 // IVD: 00b9032e-0c70-4565-9291-29919a332545 // VULHUB: VHN-103275 // VULMON: CVE-2017-12724

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 00b9032e-0c70-4565-9291-29919a332545 // CNVD: CNVD-2017-25719

AFFECTED PRODUCTS

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.1

Trust: 2.4

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.5

Trust: 2.4

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.6

Trust: 2.4

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.1

Trust: 0.6

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.5

Trust: 0.6

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.6

Trust: 0.6

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.6

Trust: 0.3

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.5

Trust: 0.3

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.1

Trust: 0.3

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.1

Trust: 0.2

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.5

Trust: 0.2

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.6

Trust: 0.2

sources: IVD: 00b9032e-0c70-4565-9291-29919a332545 // CNVD: CNVD-2017-25719 // BID: 100665 // JVNDB: JVNDB-2017-012528 // CNNVD: CNNVD-201709-523 // NVD: CVE-2017-12724

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12724
value: HIGH

Trust: 1.0

NVD: CVE-2017-12724
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-25719
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201709-523
value: MEDIUM

Trust: 0.6

IVD: 00b9032e-0c70-4565-9291-29919a332545
value: MEDIUM

Trust: 0.2

VULHUB: VHN-103275
value: MEDIUM

Trust: 0.1

VULMON: CVE-2017-12724
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-12724
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2017-25719
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 00b9032e-0c70-4565-9291-29919a332545
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-103275
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12724
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: 00b9032e-0c70-4565-9291-29919a332545 // CNVD: CNVD-2017-25719 // VULHUB: VHN-103275 // VULMON: CVE-2017-12724 // JVNDB: JVNDB-2017-012528 // CNNVD: CNNVD-201709-523 // NVD: CVE-2017-12724

PROBLEMTYPE DATA

problemtype:CWE-798

Trust: 1.9

sources: VULHUB: VHN-103275 // JVNDB: JVNDB-2017-012528 // NVD: CVE-2017-12724

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-523

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201709-523

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-012528

PATCH
title:Medfusion 4000 Wireless Syringe Infusion Pumpurl:https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump
Trust: 0.8
title:Patch for Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hardcoded Vulnerability (CNVD-2017-25719)url:https://www.cnvd.org.cn/patchInfo/show/101783
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-25719 // 
            
            
            
            JVNDB: JVNDB-2017-012528

EXTERNAL IDS
db:NVDid:CVE-2017-12724
Trust: 3.7
db:ICS CERTid:ICSMA-17-250-02A
Trust: 2.6
db:BIDid:100665
Trust: 2.1
db:CNNVDid:CNNVD-201709-523
Trust: 0.9
db:ICS CERTid:ICSMA-17-250-02
Trust: 0.9
db:CNVDid:CNVD-2017-25719
Trust: 0.8
db:JVNDBid:JVNDB-2017-012528
Trust: 0.8
db:IVDid:00B9032E-0C70-4565-9291-29919A332545
Trust: 0.2
db:VULHUBid:VHN-103275
Trust: 0.1
db:VULMONid:CVE-2017-12724
Trust: 0.1
sources:
            
            
            IVD: 00b9032e-0c70-4565-9291-29919a332545 // 
            
            
            
            CNVD: CNVD-2017-25719 // 
            
            
            
            VULHUB: VHN-103275 // 
            
            
            
            VULMON: CVE-2017-12724 // 
            
            
            
            BID: 100665 // 
            
            
            
            JVNDB: JVNDB-2017-012528 // 
            
            
            
            CNNVD: CNNVD-201709-523 // 
            
            
            
            NVD: CVE-2017-12724

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsma-17-250-02a
Trust: 2.6
url:http://www.securityfocus.com/bid/100665
Trust: 1.9
url:https://ics-cert.us-cert.gov/advisories/icsma-17-250-02
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12724
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-12724
Trust: 0.8
url:https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/798.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2017-25719 // 
            
            
            
            VULHUB: VHN-103275 // 
            
            
            
            VULMON: CVE-2017-12724 // 
            
            
            
            BID: 100665 // 
            
            
            
            JVNDB: JVNDB-2017-012528 // 
            
            
            
            CNNVD: CNNVD-201709-523 // 
            
            
            
            NVD: CVE-2017-12724

CREDITS
Scott Gayou
Trust: 0.9
sources:
            
            
            BID: 100665 // 
            
            
            
            CNNVD: CNNVD-201709-523

SOURCES
db:IVDid:00b9032e-0c70-4565-9291-29919a332545
db:CNVDid:CNVD-2017-25719
db:VULHUBid:VHN-103275
db:VULMONid:CVE-2017-12724
db:BIDid:100665
db:JVNDBid:JVNDB-2017-012528
db:CNNVDid:CNNVD-201709-523
db:NVDid:CVE-2017-12724

LAST UPDATE DATE
2024-11-23T22:22:13.750000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-25719date:2017-09-08T00:00:00
db:VULHUBid:VHN-103275date:2018-03-02T00:00:00
db:VULMONid:CVE-2017-12724date:2018-03-02T00:00:00
db:BIDid:100665date:2017-09-07T00:00:00
db:JVNDBid:JVNDB-2017-012528date:2018-03-19T00:00:00
db:CNNVDid:CNNVD-201709-523date:2017-09-18T00:00:00
db:NVDid:CVE-2017-12724date:2024-11-21T03:10:06.060

SOURCES RELEASE DATE
db:IVDid:00b9032e-0c70-4565-9291-29919a332545date:2017-09-08T00:00:00
db:CNVDid:CNVD-2017-25719date:2017-09-08T00:00:00
db:VULHUBid:VHN-103275date:2018-02-15T00:00:00
db:VULMONid:CVE-2017-12724date:2018-02-15T00:00:00
db:BIDid:100665date:2017-09-07T00:00:00
db:JVNDBid:JVNDB-2017-012528date:2018-03-19T00:00:00
db:CNNVDid:CNNVD-201709-523date:2017-09-18T00:00:00
db:NVDid:CVE-2017-12724date:2018-02-15T10:29:00.477