Sign-up

ID

VAR-201802-0485


CVE

CVE-2017-12726


TITLE

Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Vulnerabilities related to the use of hard-coded credentials

Trust: 0.8

sources: JVNDB: JVNDB-2017-012530

DESCRIPTION

A Use of Hard-coded Password issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. Telnet on the pump uses hardcoded credentials, which can be used if the pump is configured to allow external communications. Smiths Medical assesses that it is not possible to upload files via Telnet and the impact of this vulnerability is limited to the communications module. A buffer-overflow vulnerability 2. A denial-of-service vulnerability 3. An access-bypass vulnerability 4. Multiple security-bypass vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, cause a denial-of-service condition, bypass certain security restrictions, or gain unauthorized access to the device and perform unauthorized actions. This may lead to complete compromise of the device

Trust: 2.7

sources: NVD: CVE-2017-12726 // JVNDB: JVNDB-2017-012530 // CNVD: CNVD-2017-25718 // BID: 100665 // IVD: 6be18953-f138-42a5-88a9-7f86890cf0d8 // VULHUB: VHN-103277

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 6be18953-f138-42a5-88a9-7f86890cf0d8 // CNVD: CNVD-2017-25718

AFFECTED PRODUCTS

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.1

Trust: 2.4

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.5

Trust: 2.4

vendor:smiths medicalmodel:medfusion 4000 wireless syringe infusion pumpscope:eqversion:1.6

Trust: 2.4

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.1

Trust: 0.6

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.5

Trust: 0.6

vendor:smithsmodel:medical medfusion wireless syringe infusion pumpscope:eqversion:40001.6

Trust: 0.6

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.6

Trust: 0.3

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.5

Trust: 0.3

vendor:smiths medicalmodel:medfusion wireless syringe infusion pumpscope:eqversion:40001.1

Trust: 0.3

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.1

Trust: 0.2

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.5

Trust: 0.2

vendor:medfusion 4000 syringe infusion pumpmodel: - scope:eqversion:1.6

Trust: 0.2

sources: IVD: 6be18953-f138-42a5-88a9-7f86890cf0d8 // CNVD: CNVD-2017-25718 // BID: 100665 // JVNDB: JVNDB-2017-012530 // CNNVD: CNNVD-201709-524 // NVD: CVE-2017-12726

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12726
value: HIGH

Trust: 1.0

NVD: CVE-2017-12726
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-25718
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201709-524
value: HIGH

Trust: 0.6

IVD: 6be18953-f138-42a5-88a9-7f86890cf0d8
value: HIGH

Trust: 0.2

VULHUB: VHN-103277
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-12726
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-25718
severity: MEDIUM
baseScore: 5.1
vectorString: AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 6be18953-f138-42a5-88a9-7f86890cf0d8
severity: MEDIUM
baseScore: 5.1
vectorString: AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-103277
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12726
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 3.4
version: 3.0

Trust: 1.8

sources: IVD: 6be18953-f138-42a5-88a9-7f86890cf0d8 // CNVD: CNVD-2017-25718 // VULHUB: VHN-103277 // JVNDB: JVNDB-2017-012530 // CNNVD: CNNVD-201709-524 // NVD: CVE-2017-12726

PROBLEMTYPE DATA

problemtype:CWE-798

Trust: 1.9

sources: VULHUB: VHN-103277 // JVNDB: JVNDB-2017-012530 // NVD: CVE-2017-12726

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-524

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201709-524

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-012530

PATCH
title:Medfusion 4000 Wireless Syringe Infusion Pumpurl:https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump
Trust: 0.8
title:Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Patch for Hard Coded Password Vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/101782
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-25718 // 
            
            
            
            JVNDB: JVNDB-2017-012530

EXTERNAL IDS
db:NVDid:CVE-2017-12726
Trust: 3.6
db:ICS CERTid:ICSMA-17-250-02A
Trust: 2.5
db:BIDid:100665
Trust: 2.0
db:CNNVDid:CNNVD-201709-524
Trust: 0.9
db:ICS CERTid:ICSMA-17-250-02
Trust: 0.9
db:CNVDid:CNVD-2017-25718
Trust: 0.8
db:JVNDBid:JVNDB-2017-012530
Trust: 0.8
db:IVDid:6BE18953-F138-42A5-88A9-7F86890CF0D8
Trust: 0.2
db:VULHUBid:VHN-103277
Trust: 0.1
sources:
            
            
            IVD: 6be18953-f138-42a5-88a9-7f86890cf0d8 // 
            
            
            
            CNVD: CNVD-2017-25718 // 
            
            
            
            VULHUB: VHN-103277 // 
            
            
            
            BID: 100665 // 
            
            
            
            JVNDB: JVNDB-2017-012530 // 
            
            
            
            CNNVD: CNNVD-201709-524 // 
            
            
            
            NVD: CVE-2017-12726

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsma-17-250-02a
Trust: 2.5
url:http://www.securityfocus.com/bid/100665
Trust: 1.7
url:https://ics-cert.us-cert.gov/advisories/icsma-17-250-02
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12726
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-12726
Trust: 0.8
url:https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-25718 // 
            
            
            
            VULHUB: VHN-103277 // 
            
            
            
            BID: 100665 // 
            
            
            
            JVNDB: JVNDB-2017-012530 // 
            
            
            
            CNNVD: CNNVD-201709-524 // 
            
            
            
            NVD: CVE-2017-12726

CREDITS
Scott Gayou
Trust: 0.9
sources:
            
            
            BID: 100665 // 
            
            
            
            CNNVD: CNNVD-201709-524

SOURCES
db:IVDid:6be18953-f138-42a5-88a9-7f86890cf0d8
db:CNVDid:CNVD-2017-25718
db:VULHUBid:VHN-103277
db:BIDid:100665
db:JVNDBid:JVNDB-2017-012530
db:CNNVDid:CNNVD-201709-524
db:NVDid:CVE-2017-12726

LAST UPDATE DATE
2024-11-23T22:22:13.978000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-25718date:2017-09-08T00:00:00
db:VULHUBid:VHN-103277date:2018-03-02T00:00:00
db:BIDid:100665date:2017-09-07T00:00:00
db:JVNDBid:JVNDB-2017-012530date:2018-03-19T00:00:00
db:CNNVDid:CNNVD-201709-524date:2017-09-18T00:00:00
db:NVDid:CVE-2017-12726date:2024-11-21T03:10:06.310

SOURCES RELEASE DATE
db:IVDid:6be18953-f138-42a5-88a9-7f86890cf0d8date:2017-09-08T00:00:00
db:CNVDid:CNVD-2017-25718date:2017-09-08T00:00:00
db:VULHUBid:VHN-103277date:2018-02-15T00:00:00
db:BIDid:100665date:2017-09-07T00:00:00
db:JVNDBid:JVNDB-2017-012530date:2018-03-19T00:00:00
db:CNNVDid:CNNVD-201709-524date:2017-09-18T00:00:00
db:NVDid:CVE-2017-12726date:2018-02-15T10:29:00.570