Tech »  Topic »  Federal Authorities Warn of Cardio Product Security Flaws

Federal Authorities Warn of Cardio Product Security Flaws


Vulnerabilities Contained in Certain Hillrom Medical Electrocardiographs Marianne Kolbasuk McGee (HealthInfoSec) • June 23, 2022

Heart monitors built by Hillrom Medical and used by medical practices across the globe contain a vulnerability that allows hackers to gain unauthorized access by exploiting the devices' short-range Wi-Fi connection.

See Also: Fireside Chat | Zero Tolerance: Controlling The Landscape Where You'll Meet Your Adversaries

The same line of electrocardiographs also contains hard-coded passwords, a coding flaw that hackers relish but cybersecurity experts abhor.

Hillrom is releasing a patch after coordinating disclosure with the U.S. Cybersecurity and Infrastructure Security Agency, which issued an alert last week. Baxter International acquired Hillrom last December.

No known exploits target the vulnerabilities, which allow attackers to compromise the devices' software security by executing commands, gaining privileges, accessing sensitive information and evading detection, CISA warns.

They're nonetheless reminders of the importance of addressing security throughout the device life ...


Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE