OTPulse
FeedAboutContact

Hospira MedNet Vulnerabilitie

Low RiskICS-CERT ICSA-15-090-03Jan 1, 2015
Summary

Hospira MedNet versions 5.8 and earlier contain a code injection vulnerability (CWE-94) that could allow an attacker to execute arbitrary code on the system.

What this means
What could happen
An attacker could inject and execute malicious code on the MedNet system, potentially compromising the integrity of medication delivery data, system operations, or patient safety records.
Who's at risk
Healthcare facilities using Hospira MedNet for medication management and dispensing should assess their exposure. This affects hospital pharmacy operations, medication preparation workflows, and systems that track or deliver medications to patients.
How it could be exploited
An attacker with network access to the MedNet system could inject malicious code through input validation weaknesses. If successful, the attacker could execute arbitrary commands on the affected device, affecting medication management workflows or data integrity.
Prerequisites
  • Network access to the MedNet system
  • Ability to submit crafted input to a vulnerable interface
code injection vulnerabilityno patch availableaffects healthcare delivery systems
Exploitability
Moderate exploit probability (EPSS 1.7%)
Affected products (1)
ProductAffected VersionsFix Status
MedNet: <=5.8≤ 5.8No fix (EOL)
Remediation & Mitigation
0/5
Do now
0/1
WORKAROUNDApply input validation and filtering at the application and network level to prevent code injection attempts
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

HARDENINGMonitor MedNet system for unusual code execution or unexpected process activity
HARDENINGRestrict user privileges on MedNet systems to only those required for pharmacy staff operations
Mitigations - no patch available
0/2
MedNet: <=5.8 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGImplement network segmentation to restrict unauthorized access to MedNet systems from untrusted networks or workstations
HARDENINGContact Hospira (now part of Becton Dickinson) to assess end-of-life status and explore migration to a patched alternative system
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/7b54e5ca-d987-4b43-b663-af6175d6eff8
Hospira MedNet Vulnerabilitie - OTPulse