

Security vulnerabilities found in infusion pumps used to treat patients
source link: https://siliconangle.com/2022/09/08/security-vulnerabilities-found-infusion-pumps-used-treat-patients/


The idea that medical devices can be hacked for nefarious purposes may sound like something out of the movies, but as more and more devices gain network connectivity, the risk is growing exponentially.
In a newly published report, researchers at Rapid7 Inc. have detailed vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare Inc., a company that focuses on products that treat kidney disease and other chronic and acute medical conditions.
The vulnerabilities were found in the SIGMA Spectrum Infusion Pump and the SIGMA Wi-Fi Battery. Baxter's SIGMA Spectrum products are a commonly used brand of infusion pump, deployed in hospitals to deliver medication and nutrition directly to a patient. The devices are TCP/IP-enabled so they can provide data to healthcare providers, enabling more effective, coordinated care.
Various vulnerabilities were found in both devices. The Wi-Fi battery works in conjunction with the pump, and the Wi-Fi credentials are transferred to the battery when the pump is powered up. This behavior creates the first vulnerability: an attacker could install a Wi-Fi battery unit, power-cycle the infusion pump, and then remove the battery, which now holds critical Wi-Fi data that can be reverse-engineered.
Another vulnerability in the Wi-Fi battery, dubbed "Hostmessage," allows an attacker to obtain data from the battery through a telnet session. A format string vulnerability in the Wi-Fi battery's software can also be triggered to obtain information from the battery.
There's even more. The Wi-Fi battery also allowed unauthenticated remote changes to the SIGMA GW IP address, a setting used to configure the back-end communication services on which the device's operation depends.
In the SIGMA Spectrum Infusion Pump itself, the vulnerabilities include the ability for a malicious actor with physical access to place a communication shim between the pump and the battery and capture data during the unit's power-up cycle.
Rapid7 followed standard security disclosure procedures after discovering the vulnerabilities in April, though Baxter was slow to respond. After informing the company of the issues on April 20, the Rapid7 researchers requested an update from Baxter on May 11. Rapid7 then presented its findings to Baxter via teleconference on June 1. A final review of the findings and of the mitigations for the vulnerabilities was completed on Aug. 31.
Photo: Baxter Healthcare