VAR-201802-0481
Vulnerability from variot - Updated: 2023-12-18 12:19An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump reads memory out of bounds, causing the communications module to crash. Smiths Medical assesses that the crash of the communications module would not impact the operation of the therapeutic module. NXP Semiconductors Provided by MQX RTOS Has multiple vulnerabilities. Buffer overflow (CWE-120) - CVE-2017-12718 MQX version 5.0 of RTCS DHCP On the client, DHCP option 66 and 67 The data length check corresponding to is not performed correctly. A remote third party crafted these data items DHCP Sending a packet can cause a buffer overflow and execute arbitrary code. Read out of bounds (CWE-125) - CVE-2017-12722 MQX version 4.1 And earlier DNS The client is illegal DNS The packet size cannot be handled properly and an out-of-region memory reference occurs. Remote third party crafted DNS Sending a packet causes an out-of-region memory reference and disrupts service operation ( DoS ) Is possible.The expected impact depends on each vulnerability, but can be affected as follows: * * Crafted by a remote third party DHCP By sending a packet, arbitrary code is executed with system privileges. - CVE-2017-12718 * * Crafted by a remote third party DNS By sending a packet, service disruption ( DoS ) - CVE-2017-12722. A buffer-overflow vulnerability 2. A denial-of-service vulnerability 3. An access-bypass vulnerability 4. Multiple security-bypass vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, cause a denial-of-service condition, bypass certain security restrictions, or gain unauthorized access to the device and perform unauthorized actions. This may lead to complete compromise of the device. Attackers can exploit these issues to crash the application, resulting in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201802-0481",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "medfusion 4000 wireless syringe infusion pump",
"scope": "eq",
"trust": 1.6,
"vendor": "smiths medical",
"version": "1.6"
},
{
"model": "medfusion 4000 wireless syringe infusion pump",
"scope": "eq",
"trust": 1.6,
"vendor": "smiths medical",
"version": "1.5"
},
{
"model": "medfusion 4000 wireless syringe infusion pump",
"scope": "eq",
"trust": 1.6,
"vendor": "smiths medical",
"version": "1.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "mqx real-time operating system",
"scope": "lte",
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": "version 4.1 (cve-2017-12722)"
},
{
"model": "mqx real-time operating system",
"scope": "eq",
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": "version 5.0 (cve-2017-12718)"
},
{
"model": "medical medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.6,
"vendor": "smiths",
"version": "40001.1"
},
{
"model": "medical medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.6,
"vendor": "smiths",
"version": "40001.5"
},
{
"model": "medical medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.6,
"vendor": "smiths",
"version": "40001.6"
},
{
"model": "medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.3,
"vendor": "smiths medical",
"version": "40001.6"
},
{
"model": "medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.3,
"vendor": "smiths medical",
"version": "40001.5"
},
{
"model": "medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.3,
"vendor": "smiths medical",
"version": "40001.1"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.8"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.7"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.6"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.5"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.4"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.3"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.2"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.1"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "5.0"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "4.2"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "medfusion 4000 syringe infusion pump",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "medfusion 4000 syringe infusion pump",
"version": "1.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "medfusion 4000 syringe infusion pump",
"version": "1.6"
}
],
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:smiths-medical:medfusion_4000_wireless_syringe_infusion_pump:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:smiths-medical:medfusion_4000_wireless_syringe_infusion_pump:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:smiths-medical:medfusion_4000_wireless_syringe_infusion_pump:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:smiths-medical:medfusion_4000_wireless_syringe_infusion_pump:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12722"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Scott Gayou",
"sources": [
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
}
],
"trust": 1.2
},
"cve": "CVE-2017-12722",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-25722",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-103273",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-12722",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-25722",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-520",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-103273",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "VULHUB",
"id": "VHN-103273"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump reads memory out of bounds, causing the communications module to crash. Smiths Medical assesses that the crash of the communications module would not impact the operation of the therapeutic module. NXP Semiconductors Provided by MQX RTOS Has multiple vulnerabilities. Buffer overflow (CWE-120) - CVE-2017-12718 MQX version 5.0 of RTCS DHCP On the client, DHCP option 66 and 67 The data length check corresponding to is not performed correctly. A remote third party crafted these data items DHCP Sending a packet can cause a buffer overflow and execute arbitrary code. Read out of bounds (CWE-125) - CVE-2017-12722 MQX version 4.1 And earlier DNS The client is illegal DNS The packet size cannot be handled properly and an out-of-region memory reference occurs. Remote third party crafted DNS Sending a packet causes an out-of-region memory reference and disrupts service operation ( DoS ) Is possible.The expected impact depends on each vulnerability, but can be affected as follows: * * Crafted by a remote third party DHCP By sending a packet, arbitrary code is executed with system privileges. - CVE-2017-12718 * * Crafted by a remote third party DNS By sending a packet, service disruption ( DoS ) - CVE-2017-12722. A buffer-overflow vulnerability\n2. A denial-of-service vulnerability\n3. An access-bypass vulnerability\n4. Multiple security-bypass vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, cause a denial-of-service condition, bypass certain security restrictions, or gain unauthorized access to the device and perform unauthorized actions. This may lead to complete compromise of the device. Attackers can exploit these issues to crash the application, resulting in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12722"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "VULHUB",
"id": "VHN-103273"
}
],
"trust": 3.69
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12722",
"trust": 3.9
},
{
"db": "ICS CERT",
"id": "ICSMA-17-250-02A",
"trust": 2.5
},
{
"db": "BID",
"id": "100665",
"trust": 2.0
},
{
"db": "BID",
"id": "101252",
"trust": 2.0
},
{
"db": "CERT/CC",
"id": "VU#590639",
"trust": 1.9
},
{
"db": "ICS CERT",
"id": "ICSA-17-285-04",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520",
"trust": 0.9
},
{
"db": "ICS CERT",
"id": "ICSMA-17-250-02",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-25722",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-285-04A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU96796469",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586",
"trust": 0.8
},
{
"db": "IVD",
"id": "52BCCDAF-AF7C-4B8C-A161-1D0C1307BB73",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103273",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "VULHUB",
"id": "VHN-103273"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
}
]
},
"id": "VAR-201802-0481",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "VULHUB",
"id": "VHN-103273"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
}
]
},
"last_update_date": "2023-12-18T12:19:07.595000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MQX Real-Time Operating System (RTOS)",
"trust": 0.8,
"url": "https://www.nxp.com/support/developer-resources/run-time-software/mqx-software-solutions/mqx-real-time-operating-system-rtos:mqxrtos?fsrch=1\u0026sr=1\u0026pagenum=1"
},
{
"title": "Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Memory Read Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/101787"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.9
},
{
"problemtype": "CWE-120",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103273"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-17-250-02a"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100665"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/101252"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-285-04"
},
{
"trust": 1.1,
"url": "https://www.kb.cert.org/vuls/id/590639"
},
{
"trust": 0.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-17-250-02"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.8,
"url": "https://github.com/sgayou/medfusion-4000-research/blob/master/doc/readme.md"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12718"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12722"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-285-04a"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96796469/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12722"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12718"
},
{
"trust": 0.3,
"url": "https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump"
},
{
"trust": 0.3,
"url": "https://www.nxp.com/support/developer-resources/run-time-software/mqx-software-solutions/mqx-real-time-operating-system-rtos:mqxrtos?fsrch=1\u0026sr=1\u0026pagenum=1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "VULHUB",
"id": "VHN-103273"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "VULHUB",
"id": "VHN-103273"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-08T00:00:00",
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"date": "2017-10-12T00:00:00",
"db": "CERT/CC",
"id": "VU#590639"
},
{
"date": "2017-09-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"date": "2018-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-103273"
},
{
"date": "2017-09-07T00:00:00",
"db": "BID",
"id": "100665"
},
{
"date": "2017-10-12T00:00:00",
"db": "BID",
"id": "101252"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"date": "2018-02-15T10:29:00.383000",
"db": "NVD",
"id": "CVE-2017-12722"
},
{
"date": "2017-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-520"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-22T00:00:00",
"db": "CERT/CC",
"id": "VU#590639"
},
{
"date": "2017-09-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"date": "2018-03-02T00:00:00",
"db": "VULHUB",
"id": "VHN-103273"
},
{
"date": "2017-09-07T00:00:00",
"db": "BID",
"id": "100665"
},
{
"date": "2017-10-12T00:00:00",
"db": "BID",
"id": "101252"
},
{
"date": "2018-04-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"date": "2018-03-02T16:09:11.517000",
"db": "NVD",
"id": "CVE-2017-12722"
},
{
"date": "2017-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-520"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Memory read vulnerability",
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…