Unauthenticated Remote Access Vulnerability in Hospira LifeCare PCA Infusion System

Unauthenticated Remote Access Vulnerability in Hospira LifeCare PCA Infusion System

CVE-2015-3459 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuration via unspecified commands.

Learn more about our Web Application Penetration Testing UK.