Skip to main content

Critical Bugs Expose Hundreds of Thousands of Medical Devices and ATMs

posted onMarch 8, 2022
by l33tdawg
Wired
Credit: Wired

Specialized health care devices, from imaging tools like CT scanners to diagnostic lab equipment, are often inadequately protected on hospital networks. Now, new findings about seven vulnerabilities in an internet of things remote management tool underscore the interconnected exposures in medical devices and the broader IoT ecosystem.

Researchers from the health care security firm CyberMDX, which was acquired last month by the IoT security firm Forescout, found the seven easily exploited vulnerabilities, collectively dubbed Access:7, in the IoT remote access tool PTC Axeda. The platform can be used with any embedded device, but it has proven particularly popular in medical equipment. The researchers also found that some companies have used it to remotely manage ATMs, vending machines, barcode scanning systems, and some industrial manufacturing equipment. The researchers estimate that the Access:7 vulnerabilities are in hundreds of thousands of devices in all. In a review of its own customers, Forescout found more than 2,000 vulnerable systems.

“You can imagine the type of impact an attacker could have when they can either exfiltrate data from medical equipment or other sensitive devices, potentially tamper with lab results, make critical devices unavailable, or take them over entirely,” says Daniel dos Santos, head of security research at Forescout.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th