The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.7% and no vendor patch available.
Privilege Escalation
Lifecare Pcainfusion Firmware
Lifecare Pca3
Lifecare Pca5
NVD
CVSS 2.0
10.0
EPSS
17.7%