9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Cybersecurity researchers on Monday disclosed a set of nine vulnerabilities known as βPwnedPiperβ that left a widely-used pneumatic tube system (PTS) vulnerable to critical attacks, including a possibility of complete takeover.
The security weaknesses, disclosed by American cybersecurity firm Armis, impact the Translogic PTS system by Swisslog Healthcare, which is installed in about 80% of all major hospitals in North America and in no fewer than 3,000 hospitals worldwide.
βThese vulnerabilities can enable an unauthenticated attacker to take over Translogic PTS stations and essentially gain complete control over the PTS network of a target hospital,β Armis researchers Ben Seri and Barak Hadad said. βThis type of control could enable sophisticated and worrisome ransomware attacks, as well as allow attackers to leak sensitive hospital information.β
Pneumatic tube systems are internal logistics and transport solutions that are used to securely transport blood, tissue, and lab samples in hospital settings to diagnostic laboratories.
Successful exploitation of the issues, therefore, could result in leakage of sensitive information, enable an adversary to manipulate data, and even compromise the PTS network to carry out a man-in-the-middle (MitM) attack and deploy ransomware, thereby effectively halting the operations of the hospital.
The details about the nine PwndPiper vulnerabilities are listed as follows -
In a nutshell, the flaws β which concern privilege escalation, memory corruption, and denial-of-service β could be abused to gain root access, achieve remote-code-execution, or render systems unavailable, and worse, permit an attacker to maintain persistence on compromised PTS stations via an insecure firmware upgrade procedure, leading to unauthenticated remote-code-execution. Itβs also worth noting that a patch for CVE-2021-37160 is expected to be shipped at a future date.
βThe potential for pneumatic tube stations (where the firmware is deployed) to be compromised is dependent on a bad actor who has access to the facilityβs information technology network and who could cause additional damage by leveraging these exploits,β Swisslog Healthcare said in an independent advisory published today.
Translogic PTS system customers are highly recommended to update to the latest firmware (Nexus Control Panel version 7.2.5.7) to mitigate any potential risk that may arise out of real-world exploitation of the shortcomings.
βThis research sheds light on systems that are hidden in plain sight but are nevertheless a crucial building block to modern-day healthcare,β Seri and Hadad said. βUnderstanding that patient care depends not only on medical devices, but also on the operational infrastructure of a hospital is an important milestone to securing healthcare environments.β
Found this article interesting? Follow THN on Facebook, Twitter ο and LinkedIn to read more exclusive content we post.
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C