Siemens CT scanners open to remote compromise via publicly available exploits

Siemens has finally provided patches for a number of Microsoft Windows SMBv1 vulnerabilities that affect some of the medical devices sold under the Siemens Healthineers brand.

Some fixes are available

After WannaCry hit systems around the world in May, the company acknowledged that some of its customers may be facing impacts from the cyber-attack, as some of Siemens Healthineers’ products “may be affected by the Microsoft vulnerability being exploited by the WannaCry ransomware.”

Fixes have now been provided for a variety of laboratory diagnostics products, as well as radiography, mobile X-ray and mammography systems.

Siemens is still working on a few updates

But the company has yet to release patches for four easily and remotely exploitable flaws affecting select Siemens Healthineers molecular imaging products (PET, SPECT and CT scanners), exploits for which are, according to ICS-CERT, publicly available.

The vulnerabilities are:

  • A code injection flaw affecting the Microsoft web server of affected devices (CVE-2015-1635).
  • A code injection, a buffer overflow, and a privilege escalation flaw affecting the HP Client Automation service of affected devices (CVE-2015-1497, CVE-2015-7860, and CVE-2015-7861, respectively).

All of these vulnerabilities could be exploited by unauthenticated attackers to achieve remote code execution on vulnerable devices. And, as one can see from the CVE numbers assigned to them, they all date back to 2015.

Siemens published an advisory last week acknowledging the vulnerabilities, and said that it is working on updates for the affected products.

Until those updates are ready and made available, Siemens is advising administrators of those devices to disconnect the product from the network and use it in standalone mode.

from Help Net Security – News http://bit.ly/2uhfXWD
via IFTTT
