← Back

CVE-2017-12722

nvd nist
Published: Feb 15, 2018Modified: Nov 21, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump reads memory out of bounds, causing the communications module to crash. Smiths Medical assesses that the crash of the communications module would not impact the operation of the therapeutic module.

Affected (3)

Smiths Medical
1 product
Medfusion 4000 Wireless Syringe Infusion Pump
Configuration A
3 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Smiths Medical
Medfusion 4000 Wireless Syringe Infusion Pump
Version 1.1
Medfusion 4000 Wireless Syringe Infusion Pump
Version 1.5
Medfusion 4000 Wireless Syringe Infusion Pump
Version 1.6
Running on/withPlatform Versions
Smiths Medical
Medfusion 4000 Wireless Syringe Infusion Pump
All versions

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (6)

Source: ics-cert@hq.dhs.gov
Third Party AdvisoryVDB Entry
Source: ics-cert@hq.dhs.gov
Third Party AdvisoryVDB Entry
Source: ics-cert@hq.dhs.gov
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource

Timeline

No history available yet.