CVE-2015-7909

HIGH

Hospira Communication Engine < 1.2 - Stack-based Buffer Overflow via TCP Port 5000

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in Hospira Communication Engine (CE) before 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via traffic on TCP port 5000.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-15-337-02

Scores

CVSS v3 7.3
EPSS 0.0111
EPSS Percentile 62.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE
CWE-119
Status published
Products (2)
hospira/communication_engine < 1.0
hospira/lifecare_pca_infusion_system 5.0.7
Published Jan 22, 2016
Tracked Since Feb 18, 2026