Search
Find a vulnerability
Search criteria
2 vulnerabilities found for luna_cpap_machine_firmware by cpap
CVE-2017-12701 (GCVE-0-2017-12701)
Vulnerability from nvd – Published: 2018-04-17 14:00 – Updated: 2024-09-17 02:27
VLAI
EPSS
VEX
Summary
BMC Medical Luna CPAP Machines released prior to July 1, 2017, contain an improper input validation vulnerability which may allow an authenticated attacker to crash the CPAP's Wi-Fi module resulting in a denial-of-service condition.
Severity
No CVSS data available.
CWE
- CWE-20 - Improper input validation write CWE-20
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/100354 | vdb-entryx_refsource_BID |
| https://ics-cert.us-cert.gov/advisories/ICSMA-17-227-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| BMC Medical | Luna CPAP Machine |
Affected:
all devices released prior to July 1, 2017.
|
Date Public
2017-08-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:56.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100354",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100354"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-17-227-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Luna CPAP Machine",
"vendor": "BMC Medical",
"versions": [
{
"status": "affected",
"version": "all devices released prior to July 1, 2017."
}
]
}
],
"datePublic": "2017-08-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BMC Medical Luna CPAP Machines released prior to July 1, 2017, contain an improper input validation vulnerability which may allow an authenticated attacker to crash the CPAP\u0027s Wi-Fi module resulting in a denial-of-service condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper input validation write CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-18T09:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "100354",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100354"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-17-227-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2017-08-15T00:00:00",
"ID": "CVE-2017-12701",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Luna CPAP Machine",
"version": {
"version_data": [
{
"version_value": "all devices released prior to July 1, 2017."
}
]
}
}
]
},
"vendor_name": "BMC Medical"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BMC Medical Luna CPAP Machines released prior to July 1, 2017, contain an improper input validation vulnerability which may allow an authenticated attacker to crash the CPAP\u0027s Wi-Fi module resulting in a denial-of-service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper input validation write CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100354",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100354"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-17-227-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-17-227-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-12701",
"datePublished": "2018-04-17T14:00:00.000Z",
"dateReserved": "2017-08-09T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:27:16.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12701 (GCVE-0-2017-12701)
Vulnerability from cvelistv5 – Published: 2018-04-17 14:00 – Updated: 2024-09-17 02:27
VLAI
EPSS
VEX
Summary
BMC Medical Luna CPAP Machines released prior to July 1, 2017, contain an improper input validation vulnerability which may allow an authenticated attacker to crash the CPAP's Wi-Fi module resulting in a denial-of-service condition.
Severity
No CVSS data available.
CWE
- CWE-20 - Improper input validation write CWE-20
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/100354 | vdb-entryx_refsource_BID |
| https://ics-cert.us-cert.gov/advisories/ICSMA-17-227-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| BMC Medical | Luna CPAP Machine |
Affected:
all devices released prior to July 1, 2017.
|
Date Public
2017-08-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:56.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100354",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100354"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-17-227-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Luna CPAP Machine",
"vendor": "BMC Medical",
"versions": [
{
"status": "affected",
"version": "all devices released prior to July 1, 2017."
}
]
}
],
"datePublic": "2017-08-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BMC Medical Luna CPAP Machines released prior to July 1, 2017, contain an improper input validation vulnerability which may allow an authenticated attacker to crash the CPAP\u0027s Wi-Fi module resulting in a denial-of-service condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper input validation write CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-18T09:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "100354",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100354"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-17-227-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2017-08-15T00:00:00",
"ID": "CVE-2017-12701",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Luna CPAP Machine",
"version": {
"version_data": [
{
"version_value": "all devices released prior to July 1, 2017."
}
]
}
}
]
},
"vendor_name": "BMC Medical"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BMC Medical Luna CPAP Machines released prior to July 1, 2017, contain an improper input validation vulnerability which may allow an authenticated attacker to crash the CPAP\u0027s Wi-Fi module resulting in a denial-of-service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper input validation write CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100354",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100354"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-17-227-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-17-227-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-12701",
"datePublished": "2018-04-17T14:00:00.000Z",
"dateReserved": "2017-08-09T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:27:16.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}