An Improper Certificate Validation issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump does not validate host certificates, leaving the pump vulnerable to a man-in-the-middle (MITM) attack.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/100665 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSMA-17-250-02A | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2018-02-15T10:00:00
Updated: 2018-02-15T10:57:01
Reserved: 2017-08-09T00:00:00
Link: CVE-2017-12721
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-02-15T10:29:00.320
Modified: 2018-03-02T16:10:29.773
Link: CVE-2017-12721
JSON object: View
Redhat Information
No data.
CWE