Report: Nearly 75% of Infusion Pumps Affected by Severe Vulnerabilities

An analysis of data crowdsourced from more than 200,000 network-connected infusion pumps used in hospitals and healthcare entities has revealed that 75% of those medical devices contain security weaknesses that could put them at risk of potential exploitation.

“These shortcomings included exposure to one or more of some 40 known cybersecurity vulnerabilities and/or alerts that they had one or more of some 70 other types of known security shortcomings for IoT devices,” Unit 42 security researcher Aveek Das said in a report published Wednesday.

Palo Alto Networks’ threat intelligence team said it obtained the scans from seven medical device manufacturers. On top of that, 52.11% of all infusion pumps scanned were susceptible to two known vulnerabilities that were disclosed in 2019 as part of 11 flaws collectively called “URGENT/11” –

  • CVE-2019-12255 (CVSS score: 9.8) – A buffer overflow flaw in the TCP component of Wind River VxWorks
  • CVE-2019-12264 (CVSS score: 7.1) – An issue with incorrect access control in the DHCP client component of Wind River VxWorks

Other important flaws impacting infusion pump are listed below –

  • CVE-2016-9355 (CVSS score: 5.3) – An unauthorized user with physical access to an Alaris 8015 Point of Care units may be able to disassemble the device to access the removable flash memory, allowing read-and-write access to device memory
  • CVE-2016-8375 (CVSS score: 4.9) – A credential management error in Alaris 8015 Point of Care units that could be exploited to gain unencrypted wireless network authentication credentials and other sensitive technical data
  • CVE-2020-25165 (CVSS score: 7.5) – An improper session authentication vulnerability in Alaris 8015 Point of Care units that could be abused to perform a denial-of-service attack on the devices
  • CVE-2020-12040 (CVSS score: 9.8) – Cleartext transmission of sensitive information in Sigma Spectrum Infusion System
  • CVE-2020-12047 (CVSS score: 9.8) – Use of hard-coded FTP credentials in Baxter Spectrum WBM
  • CVE-2020-12045 (CVSS score: 9.8) – Use of hard-coded Telnet credentials in Baxter Spectrum WBM
  • CVE-2020-12043 (CVSS score: 9.8) – Baxter Spectrum WBM FTP service remains operational after its expected expiry time until it’s rebooted
  • CVE-2020-12041 (CVSS score: 9.8) – Baxter Spectrum Wireless Battery Module (WBM) permits data transmission and command-line interfaces over Telnet

Successful exploitation of the aforementioned vulnerabilities could result in leakage of sensitive information pertaining to patients and allow an attacker to gain unauthorized access to the devices, necessitating that health Read more:

Leave a Reply

Your email address will not be published. Required fields are marked *