cvedb.io
CVE-2017-12718
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2018-02-15T10:29:00.227 · Last modified 2026-06-17T01:03:50.263

Summary

A Classic Buffer Overflow issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior to copying, leading to a buffer overflow, allowing remote code execution on the target device. The pump receives the potentially malicious input infrequently and under certain conditions, increasing the difficulty of exploitation.

Affected products

smiths-medical — medfusion_4000_wireless_syringe_infusion_pump

Does this affect you?

Add your gear to cvedb and we'll alert you only when smiths-medical ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.