Calendar of Updates

Information Resources & Product News => Security Information Center => Security & Technology News => Topic started by: Antus67 on June 14, 2019, 03:28:50 am

Title: Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps
Post by: Antus67 on June 14, 2019, 03:28:50 am
Author: Ionut Ilascu

(https://www.bleepstatic.com/content/posts/2019/06/12/Alaris.png)

Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it.

A flaw in the firmware code of the device has been assigned the highest severity score, a perfect 10, so it can be exploited remotely and without authentication. The other issue received is less severe and affects the workstation's web-based management interface.

Alaris Gateway Workstation (AGW) is a product of Becton Dickinson and is used to communicate with infusion pumps and to power them during blood transfusions, anesthesia, and various therapy sessions like chemotherapy and dialysis.

full article here:https://www.bleepingcomputer.com/news/security/critical-bug-in-infusion-system-allows-changing-drug-dose-in-medical-pumps/ (https://www.bleepingcomputer.com/news/security/critical-bug-in-infusion-system-allows-changing-drug-dose-in-medical-pumps/)