DHS CISA warns of Critical issues in Medtronic Medical equipment

by Cyber360 News
November 11, 2019
in Security

Department of Homeland Security (DHS) warns of critical flaws impacting Medtronic Valleylab products that could allow hackers to overwrite files and achieve remote code execution.

The US DHS Cybersecurity & Infrastructure Security Agency (CISA) issued a security advisory to warn of three recently patched flaws in Medtronic Valleylab products that could be exploited to obtain a remote, non-root shell on the device.

The flaws affect Medtronic Valleylab FT10 and FX8 devices. Although network connectivity on these systems is disabled by default, the advisory notes that it is often enabled in practice, which exposes the devices to remote attack.

“Successful exploitation of these vulnerabilities may allow an attacker to overwrite files or remotely execute code, resulting in a remote, non-root shell on the affected products. By default, the network connections on these devices are disabled.” reads the advisory. “Additionally, the Ethernet port is disabled upon reboot. However, it is known that network connectivity is often enabled.”

The first vulnerability, tracked as CVE-2019-13543, is related to the use of hard-coded credentials that could allow an attacker to read files on the device. It received a base score of 5.8.

The second flaw discovered in the Medtronic Valleylab products (CVE-2019-13539) concerns the use of the descrypt algorithm (the traditional DES-based crypt(3) scheme) for OS password hashing. The advisory states that although network-based logons are disabled, an attacker could use other flaws to gain local shell access and obtain these hashes, which descrypt makes cheap to crack. The vulnerability has received a CVSS score of 7.0.
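The descrypt finding is about a hash format, not one specific device, so the check generalizes to any Linux-style system an assessor has shell access to. The following Python script is an added example (not code from CISA, Medtronic or this article): it parses /etc/shadow-style entries, identifies the hashing scheme from the standard crypt(3) `$id$` prefix, and flags accounts whose passwords are still stored with descrypt (13 characters, no prefix) or md5crypt. The shadow lines are constructed sample data, and the `CRYPT_IDS` table is an assumption based on the common crypt(3) identifiers.

```python
"""Audit /etc/shadow-style entries for weak password-hash algorithms.

Traditional DES crypt ("descrypt") hashes are 13 characters with no
'$' prefix: a 2-character salt (12 bits, 4096 values) followed by
11 characters of hash. The algorithm only uses the first 8 bytes of
the password and runs 25 DES iterations, so leaked hashes are cheap
to brute-force. Modern crypt formats carry a '$id$' prefix.
"""
import re
from dataclasses import dataclass
from typing import List, Tuple

# Constructed sample shadow file; none of these hashes come from a real host.
SAMPLE_SHADOW = """\
root:$6$rounds=5000$saltsalt$abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuv:18200:0:99999:7:::
service:ab0123456789.:18200:0:99999:7:::
upload:$1$abcdefgh$0123456789abcdefghijkl:18200:0:99999:7:::
admin:$2b$12$abcdefghijklmnopqrstuuABCDEFGHIJKLMNOPQRSTUVWXYZ01234:18200:0:99999:7:::
nobody:*:18200:0:99999:7:::
guest:!:18200:0:99999:7:::
"""

# Assumed crypt(3) '$id$' identifiers -> (algorithm name, considered weak).
# md5crypt is a fixed 1000 rounds of MD5 and far too fast for modern hardware.
CRYPT_IDS = {
    "1": ("md5crypt", True),
    "2a": ("bcrypt", False),
    "2b": ("bcrypt", False),
    "2y": ("bcrypt", False),
    "5": ("sha256crypt", False),
    "6": ("sha512crypt", False),
    "7": ("scrypt", False),
    "y": ("yescrypt", False),
    "gy": ("gost-yescrypt", False),
}

# descrypt: exactly 13 characters from the crypt(3) base-64 alphabet, no prefix.
DESCRYPT_RE = re.compile(r"^[./0-9A-Za-z]{13}$")


@dataclass
class Finding:
    user: str
    algorithm: str
    weak: bool


def classify_hash(h: str) -> Tuple[str, bool]:
    """Return (algorithm name, is_weak) for one crypt(3)-style hash field."""
    body = h.lstrip("!")          # a leading '!' only marks the account locked
    if body in ("", "*"):
        return ("no-password", False)
    if body.startswith("$"):
        parts = body.split("$")   # parts[0] is '' because the string starts with '$'
        algo_id = parts[1] if len(parts) > 1 else ""
        return CRYPT_IDS.get(algo_id, (f"unknown(${algo_id}$)", True))
    if DESCRYPT_RE.match(body):
        return ("descrypt", True)
    return ("unknown", True)


def audit(shadow_text: str) -> List[Finding]:
    """Classify the hash field of every user line in a shadow-format text."""
    findings = []
    for line in shadow_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue
        algo, weak = classify_hash(fields[1])
        findings.append(Finding(fields[0], algo, weak))
    return findings


def weak_accounts(shadow_text: str) -> List[str]:
    """Usernames whose stored hash uses a scheme flagged as weak."""
    return [f.user for f in audit(shadow_text) if f.weak]


if __name__ == "__main__":
    for f in audit(SAMPLE_SHADOW):
        print(f"{f.user:10s} {f.algorithm:16s} {'WEAK' if f.weak else 'ok'}")
```

Run against a real `/etc/shadow` (root required) by passing the file's contents to `audit()`; locked accounts are still classified, because the advisory's concern is hash disclosure to a local attacker rather than interactive logon.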

The remaining issue is the use of a vulnerable version of the rssh restricted-shell utility, which these products use to facilitate file uploads. The rssh flaws, tracked as CVE-2019-3464 and CVE-2019-3463, could be exploited by an attacker to gain administrative access to files or execute arbitrary code; both received a CVSS score of 9.8.

Affected products are Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below.

The good news is that Medtronic has already released security patches for the FT10 platform and the fixes for the FX8 platform are expected to be released in early 2020.

CISA’s advisory provides the following recommendations to minimize the risk of exploitation of these vulnerabilities:

  • Minimize network exposure for all medical devices and/or systems.
  • Locate medical devices behind firewalls and isolate them where possible.
  • Restrict system access to authorized personnel only and follow a least privilege approach.
  • Apply defense-in-depth strategies.
  • Disable any unnecessary accounts, protocols and services.
  • Where additional information is needed, refer to existing cybersecurity in medical device guidance issued by the FDA at the following location: https://www.fda.gov/medical-devices/digital-health/cybersecurity

The vendor recommends that users connect these devices to the hospital network only when necessary.

“Medtronic recommends that surgeons and nurses continue to use these devices as intended. Customers should maintain good cyber hygiene practices by only connecting these devices to the hospital network when necessary and shutting them down between uses until the new software update is complete,” reads the advisory published by the vendor.

A separate advisory published by DHS warns of two other vulnerabilities affecting Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN) version 1.20.2 and lower.

“Successful exploitation of these vulnerabilities may allow an attacker to connect inauthentic instruments to the affected products by spoofing RFID security mechanisms.” reads the advisory. “This may lead to a loss of performance integrity and platform availability due to incorrect identification of instrument and associated parameters.”

Medtronic already released updates that address both vulnerabilities.

Pierluigi Paganini

(SecurityAffairs – Medtronic, hacking)
