Saturday, 9 September 2017
One comments

Critical Vulnerability Found In Wireless Medical Devices

Critical Vulnerability Found In Wireless Medical Devices


Critical Vulnerability Found In Wireless Medical Devices.


Cybersecurity researcher Scott Gayou found the vulnerability in Syringe infusion pump. 


The Syringe infusion pumps are used to deliver small doses of medication from a variety of syringe sizes in acute care settings.

The vulnerabilities including Buffer overflow, improper certificate, hard-coded credentials and passwords, passwords stored in the configuration fiel and improper access control.

Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5 and 1.6 are affected. The good thing is there is no known public exploits to target these vulnerabilities. But It can be possible when the attacker should have high skill to exploit these vulnerability remotely.

What's Impact


Cyber attackers can exploit these vulnerabilities and may allow remotely to gain unauthorized access and impact the intended operation of the Pump. Despite the segmented design, it may be possible for an attacker to compromise the communications module and the therapeutic module of the pump. said ICS-CERT


Smiths Medical is planning to release Version 1.6.1 for the Medfusion 4000 Wireless Syringe Infusion Pump in January, 2018.


  • Smiths Medical recommends users apply the following defensive measures:
  • Assign static IP addresses to the Medfusion 4000 Wireless Syringe Infusion Pump.
  • Monitor network activity for rogue DNS and DHCP servers.
  • Ensure network segments which the Medfusion 4000 medical infusion pumps are installed are segmented from other hospital and clinical information technology infrastructure.
  • Consider network micro segmentation.
  • Consider use of network virtual local area networks (VLANs) for the segmentation of the Medfusion 4000 medical infusion pumps.
  • Apply proper password hygiene standards across systems (i.e., use uppercase, lowercase, special characters, and a minimum character length of eight).
  • Do not re-use passwords.
  • Routinely take backups and perform routine evaluations.


Smart devices are in every section, like Medical, Automobile, Electronics and many more. We should always aware of its security and keep to protect ourself from cyber attack.

1 comments:



  1. I cannot over emphasize the professionalism of [email protected] I have spent several hours monitoring my husband and his co-worker flirting literally and there has not been any technical malfunctions. I have been able to monitor all his communications with his girlfriend and I can see clearly that he has alot of them, he must be a devil, because I dont understand how he still comes home to tell me he loves me.. I have never been this dissapointed and sad in my life before. I really want to thank my stars I took courage to contact him and for all his tender kindness towards assisting me and giving me exactly what I requested for in the hack. You can also take a bold step t contact him and findout about your cheating spouse: [email protected] call and text +1 512 605 1256

    ReplyDelete

 
Toggle Footer
Top