Hospira Lifecare Pcainfusion Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Hospira Lifecare Pcainfusion Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2015-3459 — CVSS 10.0 (critical): The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions…
CVE-2015-3955 — CVSS 10.0 (critical): Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly other versions, allows remote attackers…
CVE-2015-3958 — CVSS 7.8 (high): Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly other versions, allows remote attackers to cause a denial of service…
CVE-2014-5406 — CVSS 7.6 (high): The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated with sending a (1) drug library, (2)…
CVE-2015-1011 — CVSS 5.0 (medium): Hospira LifeCare PCA Infusion System before 7.0 has hardcoded credentials, which makes it easier for remote attackers to obtain access via…
CVE-2015-3957 — CVSS 4.6 (medium): Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has unspecified impact and attack vectors.