Vulnerability Details : CVE-2017-12718
A Classic Buffer Overflow issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior to copying, leading to a buffer overflow, allowing remote code execution on the target device. The pump receives the potentially malicious input infrequently and under certain conditions, increasing the difficulty of exploitation.
Vulnerability category: OverflowExecute code
Products affected by CVE-2017-12718
- cpe:2.3:o:smiths-medical:medfusion_4000_wireless_syringe_infusion_pump:1.1:*:*:*:*:*:*:*When used together with: Smiths-medical » Medfusion 4000 Wireless Syringe Infusion Pump » Version: N/A
- cpe:2.3:o:smiths-medical:medfusion_4000_wireless_syringe_infusion_pump:1.5:*:*:*:*:*:*:*When used together with: Smiths-medical » Medfusion 4000 Wireless Syringe Infusion Pump » Version: N/A
- cpe:2.3:o:smiths-medical:medfusion_4000_wireless_syringe_infusion_pump:1.6:*:*:*:*:*:*:*When used together with: Smiths-medical » Medfusion 4000 Wireless Syringe Infusion Pump » Version: N/A
Exploit prediction scoring system (EPSS) score for CVE-2017-12718
34.76%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-12718
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
|
8.1
|
HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.2
|
5.9
|
NIST |
CWE ids for CVE-2017-12718
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
-
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.Assigned by: ics-cert@hq.dhs.gov (Secondary)
References for CVE-2017-12718
-
https://ics-cert.us-cert.gov/advisories/ICSMA-17-250-02A
Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Vulnerabilities (Update A) | CISAThird Party Advisory;US Government Resource
-
http://www.securityfocus.com/bid/101252
NXP Semiconductors MQX RTOS ICSA-17-285-04 Buffer Overflow and Denial Of Service VulnerabilitiesThird Party Advisory;VDB Entry
-
https://www.exploit-db.com/exploits/43776/
Smiths Medical Medfusion 4000 - 'DHCP' Denial of ServiceThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/100665
Medfusion 4000 Wireless Syringe Infusion Pump ICSMA-17-250-02 Multiple Security VulnerabilitiesThird Party Advisory;VDB Entry
Jump to