Smiths-medical Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Medical Device Software	8
Not Defined	2

Product

Smiths-Medical Medfusion 4000 Wireless Syringe Inf ...	8
Smiths-Medical CADD-Solis Medication Safety Softwa ...	2

Remediation

Official Fix	2
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	8

Exploitability

High	0
Functional	0
Proof-of-Concept	2
Unproven	0
Not Defined	8

Access Vector

Not Defined	0
Physical	2
Local	0
Adjacent	0
Network	8

Authentication

Not Defined	0
High	0
Low	2
None	8

User Interaction

Not Defined	0
Required	0
None	10

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	0
≤7	6
≤8	2
≤9	0
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	2
≤7	4
≤8	2
≤9	0
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	4
≤7	0
≤8	4
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	2
≤5	0
≤6	2
≤7	0
≤8	0
≤9	4
≤10	2

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Vendor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	2
<2k	6
<5k	2
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Today

<1k	10
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Market Volume

🔴 CTI Activities

Affected Products (2): CADD-Solis Medication Safety Software (2), Medfusion 4000 Wireless Syringe Infusion Pump (8)

Published	Base	Temp	Vulnerability	Prod	Exp	Rem	EPSS	CTI	CVE
02/15/2018	7.3	7.3	Smiths-Medical Medfusion 4000 Wireless Syringe Infusion Pump Telnet Server hard-coded credentials	Medical Device Software	Not Defined	Not Defined	0.00115	0.02	CVE-2017-12726
02/15/2018	6.5	6.5	Smiths-Medical Medfusion 4000 Wireless Syringe Infusion Pump Network Configuration hard-coded credentials	Medical Device Software	Not Defined	Not Defined	0.00081	0.00	CVE-2017-12725
02/15/2018	7.7	7.7	Smiths-Medical Medfusion 4000 Wireless Syringe Infusion Pump FTP Server hard-coded credentials	Medical Device Software	Not Defined	Not Defined	0.00172	0.00	CVE-2017-12724
02/15/2018	4.5	4.5	Smiths-Medical Medfusion 4000 Wireless Syringe Infusion Pump Configuration File Password information disclosure	Medical Device Software	Not Defined	Not Defined	0.00057	0.00	CVE-2017-12723
02/15/2018	5.3	5.3	Smiths-Medical Medfusion 4000 Wireless Syringe Infusion Pump Communication Module out-of-bounds	Medical Device Software	Not Defined	Not Defined	0.00258	0.00	CVE-2017-12722
02/15/2018	5.7	5.7	Smiths-Medical Medfusion 4000 Wireless Syringe Infusion Pump Certificate certificate validation	Medical Device Software	Not Defined	Not Defined	0.00068	0.00	CVE-2017-12721
02/15/2018	7.7	7.7	Smiths-Medical Medfusion 4000 Wireless Syringe Infusion Pump FTP Server access control	Medical Device Software	Not Defined	Not Defined	0.00207	0.00	CVE-2017-12720
02/15/2018	6.8	5.9	Smiths-Medical Medfusion 4000 Wireless Syringe Infusion Pump DHCP memory corruption	Medical Device Software	Proof-of-Concept	Official Fix	0.32672	0.00	CVE-2017-12718
02/13/2017	7.9	7.9	Smiths-Medical CADD-Solis Medication Safety Software origin validation	Unknown	Not Defined	Not Defined	0.00087	0.00	CVE-2016-8358
02/13/2017	7.0	7.0	Smiths-Medical CADD-Solis Medication Safety Software missing authentication	Unknown	Not Defined	Not Defined	0.00084	0.04	CVE-2016-8355

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!