High severity7.3NVD Advisory· Published Jan 22, 2016· Updated May 6, 2026

CVE-2015-7909

Description

Stack-based buffer overflow in Hospira Communication Engine (CE) before 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via traffic on TCP port 5000.

Affected products

Hospira/Communication Engine
cpe:2.3:o:hospira:communication_engine:*:*:*:*:*:*:*:*
Range: <=1.0
Hospira/Lifecare Pca Infusion System
cpe:2.3:h:hospira:lifecare_pca_infusion_system:5.0.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ics-cert.us-cert.gov/advisories/ICSA-15-337-02nvdThird Party AdvisoryUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.474
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000