Description
Hospira MedNet before 6.1 uses hardcoded cryptographic keys for protection of data transmission from infusion pumps, which allows remote attackers to obtain sensitive information by sniffing the network.
References (3)
Core 3
Core References
Third Party Advisory, US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03
Various Sources
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-090-03.json
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-15-090-03
Scores
EPSS
0.0068
EPSS Percentile
71.6%
Details
CWE
CWE-310
CWE-321
Status
published
Products (3)
hospira/mednet
< 5.8
Hospira/MedNet
< 5.8
Hospira/MedNet
6.1
Published
Apr 03, 2015
Tracked Since
Feb 18, 2026