Browse all 11 CVE security advisories affecting Hospira. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Hospira specializes in pharmaceutical production and medication delivery systems, with vulnerabilities historically spanning remote code execution, cross-site scripting, and privilege escalation. Their devices, including infusion pumps and medication management software, have faced multiple security flaws that could allow unauthorized access or manipulation. Notably, Hospira's Symbiq infusion pump system contained hardcoded credentials and unauthenticated vulnerabilities, prompting FDA advisories. The company maintains 11 CVEs, with many issues relating to network protocols and default configurations that expose critical healthcare infrastructure to potential compromise. Security researchers have repeatedly highlighted risks in their connected medical devices, underscoring persistent challenges in securing IoT-enabled healthcare technology.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2014-5401 | Hospira MedNet Code Injection — MedNetCWE-94 | 9.8 | - | 2019-03-26 |
| CVE-2014-5400 | Hospira MedNet Password in Configuration File — MedNetCWE-260 | 8.4 | - | 2015-04-03 |
| CVE-2014-5403 | Hospira MedNet Use of Hard-coded Cryptographic Key — MedNetCWE-321 | 5.9 | - | 2015-04-03 |
| CVE-2014-5405 | Hospira MedNet Use of Hard-coded Password — MedNetCWE-259 | 8.8 | - | 2015-04-03 |
This page lists every published CVE security advisory associated with Hospira. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.