CVE-2017-12721

Name of the Vulnerable Software and Affected Versions: Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump versions 1.1, 1.5, and 1.6

Description: An issue with improper certificate validation was found, which could allow a man-in-the-middle (MITM) attack. The pump fails to validate host certificates.

Recommendations: For version 1.1, update the certificate validation mechanism to prevent MITM attacks. For version 1.5, ensure proper host certificate validation is implemented to secure the connection. For version 1.6, modify the certificate validation process to verify the authenticity of host certificates and prevent unauthorized access.