Over 100,000 medical infusion pumps vulnerable to years old critical bug

silversurfer

Aug 17, 2014
Data collected from more than 200,000 network-connected medical infusion pumps used to deliver medication and fluids to patients shows that 75% of them are running with known security issues that attackers could exploit. The findings reveal that tens of thousands of devices are vulnerable to six critical-severity flaws (9.8 out of 10) reported in 2019 and 2020.

Using data collected from customers, researchers at Palo Alto Networks analyzed the security state of over 200,000 infusion pumps and found that between 30,000 and at least 100,000 of them are vulnerable to critical security issues. The most prevalent critical-severity flaw encountered is CVE-2019-12255, a memory corruption bug in the VxWorks real-time operating system (RTOS) used for embedded devices, including infusion pump systems. According to data from Palo Alto Networks, the flaw is present in 52% of the analyzed infusion pumps, which translates into more than 104,000 devices.
In a post today, Palo Alto Networks recommends healthcare providers adopt a proactive security strategy for keeping devices safe from known and unknown threats, which starts with an accurate inventory of all systems on the network. The researchers note that not all the vulnerabilities currently affecting the analyzed infusion pumps are practical for remote attacks but they are a "risk to the general security of healthcare organizations and the safety of patients."
 

Whitlow19

Mar 15, 2022
Very scary to look at cyber risk surrounding IoMT as the landscape continues to grow. These threats need to be mitigated by both the device manufacturers and the healthcare industry. The number of high-scoring vulnerabilities on these pumps shows negligence for cyber security by the manufacturer. At the same time, manufacturers have made an effort to report vulnerabilities and provide updates. Based on the Palo Alto data showing that thousands of devices are vulnerable to flaws that were reported in 2019 and 2020, it seems that healthcare organizations continue to pay insufficient attention to cybersecurity. Given the frequency and severity of cyber incidents in the healthcare space, the industry desperately needs to improve security measures, not just for IoMT devices but across the entire network. I agree that healthcare organizations would benefit from increased network visibility in addition to measures such as network segmentation. Better inventory management protocols, stronger vendor relationships, strict and risk-based patching procedures, and isolation of legacy systems are needed.