Sign-up

ID

VAR-201802-0484


CVE

CVE-2017-12725


TITLE

Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Vulnerabilities related to the use of hard-coded credentials

Trust: 0.8

sources: JVNDB: JVNDB-2017-012529

DESCRIPTION

A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump with default network configuration uses hard-coded credentials to automatically establish a wireless network connection. The pump will establish a wireless network connection even if the pump is Ethernet connected and active; however, if the wireless association is established and the Ethernet cable is attached, the pump does not attach the network stack to the wireless network. In this scenario, all network traffic is instead directed over the wired Ethernet connection. A buffer-overflow vulnerability 2. A denial-of-service vulnerability 3. An access-bypass vulnerability 4. Multiple security-bypass vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, cause a denial-of-service condition, bypass certain security restrictions, or gain unauthorized access to the device and perform unauthorized actions. This may lead to complete compromise of the device. A remote attacker could exploit this vulnerability to bypass security restrictions

Trust: 2.7

sources: NVD: CVE-2017-12725 // JVNDB: JVNDB-2017-012529 // CNVD: CNVD-2017-25721 // BID: 100665 // IVD: 3b57d158-40ac-4bc7-a39c-4366709c9d90 // VULHUB: VHN-103276

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 3b57d158-40ac-4bc7-a39c-4366709c9d90 // CNVD: CNVD-2017-25721

AFFECTED PRODUCTS

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.1

Trust: 2.4

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.5

Trust: 2.4

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.6

Trust: 2.4

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.1

Trust: 0.6

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.5

Trust: 0.6

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.6

Trust: 0.6

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.6

Trust: 0.3

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.5

Trust: 0.3

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.1

Trust: 0.3

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.1

Trust: 0.2

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.5

Trust: 0.2

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.6

Trust: 0.2

sources: IVD: 3b57d158-40ac-4bc7-a39c-4366709c9d90 // CNVD: CNVD-2017-25721 // BID: 100665 // JVNDB: JVNDB-2017-012529 // CNNVD: CNNVD-201709-521 // NVD: CVE-2017-12725

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12725
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-12725
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-25721
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201709-521
value: MEDIUM

Trust: 0.6

IVD: 3b57d158-40ac-4bc7-a39c-4366709c9d90
value: MEDIUM

Trust: 0.2

VULHUB: VHN-103276
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-12725
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-25721
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 3b57d158-40ac-4bc7-a39c-4366709c9d90
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-103276
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12725
baseSeverity: MEDIUM
baseScore: 5.6
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 2.2
impactScore: 3.4
version: 3.0

Trust: 1.8

sources: IVD: 3b57d158-40ac-4bc7-a39c-4366709c9d90 // CNVD: CNVD-2017-25721 // VULHUB: VHN-103276 // JVNDB: JVNDB-2017-012529 // CNNVD: CNNVD-201709-521 // NVD: CVE-2017-12725

PROBLEMTYPE DATA

problemtype:CWE-798

Trust: 1.9

sources: VULHUB: VHN-103276 // JVNDB: JVNDB-2017-012529 // NVD: CVE-2017-12725

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-521

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201709-521

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-012529

PATCH
title:Medfusion 4000 Wireless Syringe Infusion Pumpurl:https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump
Trust: 0.8
title:Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hardcoded Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/101854
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-25721 // 
            
            
            
            JVNDB: JVNDB-2017-012529

EXTERNAL IDS
db:NVDid:CVE-2017-12725
Trust: 3.6
db:ICS CERTid:ICSMA-17-250-02A
Trust: 2.5
db:BIDid:100665
Trust: 2.0
db:CNNVDid:CNNVD-201709-521
Trust: 0.9
db:ICS CERTid:ICSMA-17-250-02
Trust: 0.9
db:CNVDid:CNVD-2017-25721
Trust: 0.8
db:JVNDBid:JVNDB-2017-012529
Trust: 0.8
db:IVDid:3B57D158-40AC-4BC7-A39C-4366709C9D90
Trust: 0.2
db:VULHUBid:VHN-103276
Trust: 0.1
sources:
            
            
            IVD: 3b57d158-40ac-4bc7-a39c-4366709c9d90 // 
            
            
            
            CNVD: CNVD-2017-25721 // 
            
            
            
            VULHUB: VHN-103276 // 
            
            
            
            BID: 100665 // 
            
            
            
            JVNDB: JVNDB-2017-012529 // 
            
            
            
            CNNVD: CNNVD-201709-521 // 
            
            
            
            NVD: CVE-2017-12725

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsma-17-250-02a
Trust: 2.5
url:http://www.securityfocus.com/bid/100665
Trust: 1.7
url:https://ics-cert.us-cert.gov/advisories/icsma-17-250-02
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12725
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-12725
Trust: 0.8
url:https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-25721 // 
            
            
            
            VULHUB: VHN-103276 // 
            
            
            
            BID: 100665 // 
            
            
            
            JVNDB: JVNDB-2017-012529 // 
            
            
            
            CNNVD: CNNVD-201709-521 // 
            
            
            
            NVD: CVE-2017-12725

CREDITS
Scott Gayou
Trust: 0.9
sources:
            
            
            BID: 100665 // 
            
            
            
            CNNVD: CNNVD-201709-521

SOURCES
db:IVDid:3b57d158-40ac-4bc7-a39c-4366709c9d90
db:CNVDid:CNVD-2017-25721
db:VULHUBid:VHN-103276
db:BIDid:100665
db:JVNDBid:JVNDB-2017-012529
db:CNNVDid:CNNVD-201709-521
db:NVDid:CVE-2017-12725

LAST UPDATE DATE
2024-11-23T22:22:13.708000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-25721date:2017-09-11T00:00:00
db:VULHUBid:VHN-103276date:2018-03-02T00:00:00
db:BIDid:100665date:2017-09-07T00:00:00
db:JVNDBid:JVNDB-2017-012529date:2018-03-19T00:00:00
db:CNNVDid:CNNVD-201709-521date:2018-08-23T00:00:00
db:NVDid:CVE-2017-12725date:2024-11-21T03:10:06.197

SOURCES RELEASE DATE
db:IVDid:3b57d158-40ac-4bc7-a39c-4366709c9d90date:2017-09-08T00:00:00
db:CNVDid:CNVD-2017-25721date:2017-09-08T00:00:00
db:VULHUBid:VHN-103276date:2018-02-15T00:00:00
db:BIDid:100665date:2017-09-07T00:00:00
db:JVNDBid:JVNDB-2017-012529date:2018-03-19T00:00:00
db:CNNVDid:CNNVD-201709-521date:2017-09-18T00:00:00
db:NVDid:CVE-2017-12725date:2018-02-15T10:29:00.523