Metacurity

Share this post

Thirteen Flaws That Could Crash Anesthesia Machines, Patient Monitors Discovered

metacurity.substack.com

Thirteen Flaws That Could Crash Anesthesia Machines, Patient Monitors Discovered

Hackers-for-hire infiltrated accounts, phones of 3,500 people, Microsoft issues fixes for 55 bugs, Biden renews Trump's ban on Chinese tech, Google wins UK case on iPhone user data collection, more

Cynthia Brumfield
Nov 10, 2021
∙ Paid
1
Share

Researchers at Forescout, with support from MediaGate Labs, say they have found thirteen vulnerabilities affecting the Nucleus TCP/IP stack, a library now maintained by Siemens. The flaws affect medical devices and machinery used in other industries that could cause critical equipment such as patient monitors to crash if exploited by a hacker.

The vulnerabilities, dubbed NUCLEUS:13, allow for remote code execution, denial of service, and information leaks in devices such as anesthesia machines, patient monitors, etc. Siemens has released patches for all the vulnerabilities. Some of those had already been patched in existing versions of the stack but never issued CVE IDs. (Sean Lyngaas / CNN)

Related: Forescout, CNN.com, Becker’s Hospital Review, ZDNet, ICS-CERT Advisory Feed, Security Week, The Hacker News, The Record by Recorded Future

Netherlands-based Trend Micro cybersecurity researcher Feike Hacquebord discovered that a Russian-speaking RocketHack crew has quietly infiltrated email …

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing