Skip to main content
CVE-2015-3459 CRITICAL Act Now

The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.7% and no vendor patch available.

Privilege Escalation Lifecare Pcainfusion Firmware Lifecare Pca3 Lifecare Pca5
NVD
CVSS 2.0
10.0
EPSS
17.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy