CVE-2014-5403

CVE-2014-5403: Hospira MedNet Use of Hard-coded Cryptographic Key

Vendor Hospira
Product MedNet
Weakness CWE-321
Published April 3, 2015
Last update November 3, 2025

CVSS base score

What the vulnerability does

01Description

Hospira MedNet before 6.1 uses hardcoded cryptographic keys for protection of data transmission from infusion pumps, which allows remote attackers to obtain sensitive information by sniffing the network.

Key dates

02Disclosure timeline

April 3, 2015 CVE published
November 3, 2025 Record updated