RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Nucleus RTOS

Product
Developers: Siemens AG
Branches: Pharmaceuticals, medicine, healthcare

2021: US authorities: Millions of anesthesia devices can be hacked remotely due to holes in Siemens software

In mid-November 2021, Forescout Research Labs researchers supported by Medigate Labs discovered a set of 13 vulnerabilities that affect Siemens Nucleus RTOS software, which is often used in medical institutions. Vulnerability data on the risk scale have a rating of moderate 5.3 to critical 9.8 points. This can lead to a denial of maintenance of medical equipment, a leak of information, or a remote connection to the system and its reconfiguration.

Among the medical devices that may be affected are anesthesiological devices, mechanical ventilation devices and monitors for patients. The Forescout Research Labs researchers used various methods to estimate the number of devices affected by the vulnerability, known commonly as Nucleus: 13, and found evidence of software (software) use in Zoll defibrillators, Zonare ultrasound machines, GE Healthcare anesthetic apparatus, and Nihon Kohd. bedside monitor .

US authorities: Due to holes in Siemens software, millions of anesthesia devices can be hacked remotely

A representative of Siemens Healthineers said that the company continues to monitor the problem as it develops and can notify customers, if necessary, through the online portal Siemens Healthineers teamplay Fleet. The Food and Drug Administration (FDA) wants all manufacturers to assess their exposure to these vulnerabilities in software from Siemens, which was originally released in 1993.

An assessment conducted by Forescout revealed more than 2.2 thousand medical devices vulnerable to cybersecurity. The number of affected devices is more than twice the number of devices in any other industry. In all industries, researchers identified about 5.5 devices from 16 manufacturers from 127 customers. The US Cybersecurity and Infrastructure Protection Agency (CISA) advises users to take protective measures to reduce the risk of exploiting vulnerabilities, and update vulnerable devices as soon as updates become available.

The most serious vulnerabilities described in Nucleus: 13 allow an attacker to attack by type, denial of service, or perform remote execution of code, and its operation allows remote launch of malicious code within the target system over the local network or over the Internet. These are all potential safety implications for the large number of patients that historically force regulators to intervene. The good side is that most classes of these vulnerability-affected medical devices are usually either not networked or shielded and isolated in their own network segments, preventing a massive attack on medical devices[1]

Notes

  1. [1]Siemens software vulnerabilities potentially put millions of medical devices at risk