Vulnerabilities (CVE)

Filtered by vendor Pfizer Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-3965 1 Pfizer 2 Symbiq Infusion System, Symbiq Infusion System Firmware 2024-11-21 9.0 HIGH 8.8 HIGH
Hospira Symbiq Infusion System 3.13 and earlier allows remote authenticated users to trigger "unanticipated operations" by leveraging "elevated privileges" for an unspecified call to an incorrectly exposed function.
CVE-2015-1012 1 Pfizer 2 Lifecare Pca Infusion System, Lifecare Pca Infusion System Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless capacity in a clinical setting. Hospira has developed a new version of the PCS Infusion System, version 7.0 that addresses the identified vulnerabilities. Version 7.0 has Port 20/FTP and Port 23/TELNET closed by default to prevent unauthorized access.