Hospira Symbiq Infusion System Vulnerability
Risk rating: Low | Source: ICS-CERT ICSA-15-174-01 | Published: Mar 26, 2015
Summary
Hospira Symbiq Infusion System firmware versions 3.13 and earlier contain a command validation vulnerability (CWE-749) that allows unauthenticated remote modification of infusion pump parameters. An attacker with network access can alter medication flow rates, doses, or timing without authorization. The vulnerability affects infusion systems used in clinical care delivery. No firmware patch is available from the vendor.
What this means
What could happen
An attacker with network access to the Symbiq Infusion System could modify or control medication delivery settings, potentially causing harm to patients receiving IV infusions.
Who's at risk
Healthcare facilities using Hospira Symbiq Infusion Systems, particularly hospital pharmacies, intensive care units, and infusion centers where IV medications and fluids are administered to patients. The system directly controls medication delivery, making it a patient safety-critical device.
How it could be exploited
An attacker on the hospital network could send commands to the Symbiq system to alter infusion pump parameters (flow rate, medication dose, or timing). The device does not properly validate incoming commands, allowing an unauthenticated attacker to take control of active infusions.
Prerequisites
- Network access to Symbiq Infusion System on hospital LAN or connected network
- Device running firmware version 3.13 or earlier
- No authentication required to send commands
Tags: remotely exploitable, no authentication required, affects safety systems, no patch available, low complexity
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product                  | Affected versions | Fix status
Symbiq Infusion System   | <= 3.13           | No fix (end of life)
Remediation & Mitigation
Do now
HARDENING: Segment the hospital network: isolate Symbiq infusion systems on a dedicated clinical network with restricted access from general IT systems and wireless networks.
HARDENING: Implement firewall rules to block unauthorized connections to Symbiq devices; allow only connections from approved clinical workstations and nursing stations.
WORKAROUND: Disable remote management features on Symbiq systems if not actively required for clinical operations.
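The two hardening items above amount to an allow-list policy: traffic may reach the pump segment only from approved clinical workstations, and anything else should be dropped at the segment boundary. The script below is an added example (not from the advisory or from Hospira/Baxter) that renders such a policy as an nftables rule set and then audits a handful of constructed firewall log lines against it, separating attempts the firewall already blocked from accepted connections that indicate a gap in the rules. The pump segment 10.50.0.0/24, the two workstation addresses and the management port 8080 are all assumptions; the advisory does not state which network or port the Symbiq system uses.

```python
"""Allow-list policy for an isolated infusion-pump segment (added example)."""
import ipaddress
from dataclasses import dataclass

# Constructed addresses: the advisory gives no real network layout.
PUMP_SEGMENT = ipaddress.ip_network("10.50.0.0/24")
APPROVED_WORKSTATIONS = {
    ipaddress.ip_address("10.10.1.20"),  # pharmacy workstation (assumed)
    ipaddress.ip_address("10.10.1.21"),  # nursing station (assumed)
}
PUMP_MGMT_PORT = 8080  # placeholder; the real port is not given by the advisory


@dataclass(frozen=True)
class Flow:
    """One firewall log record: who tried to reach what, and the verdict."""
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    dport: int
    action: str  # "ACCEPT" or "DROP"


def render_nft_rules() -> str:
    """Render the allow-list as an nftables forward chain with a drop policy.

    Only approved workstations may reach the pump segment on the management
    port; every other flow toward the segment is dropped and logged.
    """
    elements = ", ".join(str(ip) for ip in sorted(APPROVED_WORKSTATIONS))
    return (
        "table inet clinical {\n"
        f"  set approved_ws {{ type ipv4_addr; elements = {{ {elements} }} }}\n"
        "  chain forward {\n"
        "    type filter hook forward priority 0; policy drop;\n"
        f"    ip daddr {PUMP_SEGMENT} ip saddr @approved_ws "
        f"tcp dport {PUMP_MGMT_PORT} accept\n"
        f"    ip daddr {PUMP_SEGMENT} log prefix \"pump-segment-denied: \" drop\n"
        "  }\n"
        "}\n"
    )


def parse_flow(line: str) -> Flow:
    """Parse a constructed log line: '<ts> <src> -> <dst>:<dport> <ACTION>'."""
    _ts, src, _arrow, dst_port, action = line.split()
    dst, port = dst_port.rsplit(":", 1)
    return Flow(ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port), action)


def audit(lines):
    """Check each flow toward the pump segment against the allow-list.

    Returns {"blocked": [...], "gaps": [...]}: flows from unapproved sources
    that the firewall dropped, and flows it wrongly accepted (a rule gap).
    """
    blocked, gaps = [], []
    for line in lines:
        flow = parse_flow(line)
        # Traffic not aimed at pumps, or from an approved workstation, is fine.
        if flow.dst not in PUMP_SEGMENT or flow.src in APPROVED_WORKSTATIONS:
            continue
        (blocked if flow.action == "DROP" else gaps).append(flow)
    return {"blocked": blocked, "gaps": gaps}


# Constructed sample log: one approved session, one blocked attempt,
# one accepted connection from an unapproved host, one unrelated flow.
SAMPLE_LOG = [
    "2015-03-26T10:14:02 10.10.1.20 -> 10.50.0.15:8080 ACCEPT",
    "2015-03-26T10:15:40 10.20.7.3 -> 10.50.0.15:8080 DROP",
    "2015-03-26T10:16:11 192.168.4.9 -> 10.50.0.16:8080 ACCEPT",
    "2015-03-26T10:17:05 10.10.1.21 -> 10.10.1.50:443 ACCEPT",
]

if __name__ == "__main__":
    print(render_nft_rules())
    result = audit(SAMPLE_LOG)
    for flow in result["gaps"]:
        print(f"RULE GAP: {flow.src} reached pump {flow.dst}:{flow.dport}")
    for flow in result["blocked"]:
        print(f"blocked attempt from {flow.src} to {flow.dst}:{flow.dport}")
```

Running the audit against real firewall or flow logs after deploying the segmentation is the check a practitioner wants: an empty "gaps" list means every connection that reached a pump came from an approved workstation, while entries in "blocked" show the rules are doing work and are worth reviewing for misconfigured clinical hosts.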
Schedule — requires maintenance window
Patching may require a device reboot; plan for process interruption.
HOTFIX: Contact Hospira/Baxter for a device firmware update or replacement; document the end-of-life status of systems without patch availability.
CVEs (1)