News

Siemens: Medical devices apparently have sensitive security vulnerabilities

Photo of Simon Lüthje Simon Lüthje11. November 2021

As has now become public, a TCP/IP stack from Siemens has serious security flaws. A total of 13 leaks are said to allow access via remote code and enable DoS attacks. Above all, the fact that many medical devices are affected makes experts fear the worst.

The nightmare for every hospital

Forescout, an association of cybersecurity experts, in collaboration with Medigate, has identified a major security leak in medical devices. Specifically, the accessible gaps are said to be “Nucleus:13.” These are specific bugs that affect devices that are not only found in the segment of lighting systems and control systems of ventilation. Much more serious is the fact that medical devices also suffer from these bugs. These are by no means just isolated cases. In the worst case scenario, several million medical devices could suffer from the security gap. It’s hard to imagine what kind of dire consequences attackers could bring about here. The TCP/IP stacks from Nucleus should make it anything but difficult for cyber criminals to penetrate the devices. Even at a distance, malicious code can be injected into the device. In the course of this, DoS attacks or the theft of sensitive patient data are possible.

Siemens provides security update

Whether a cyberattack has occurred so far is still unclear. However, the risk of an attack is definitely very high. After all, the system is widespread in so many devices that it would almost border on a miracle if no resourceful hacker had come up with the idea of an attack yet. But not only the attack itself should be easy. The identification of the corresponding devices should not be a problem for experts either. It is also particularly frightening that the search engine Shodan can be used to search specifically for corresponding models. If one can be found with an active Internet connection, it should be possible to attack it directly. To keep the risk of cyberattacks as low as possible, Siemens has responded with a patch. Owners of affected devices should install it immediately for self-protection and to protect patient data.

Tags
Photo of Simon Lüthje Simon Lüthje11. November 2021
Photo of Simon Lüthje

Simon Lüthje

I am co-founder of this blog and am very interested in everything that has to do with technology, but I also like to play games. I was born in Hamburg, but now I live in Bad Segeberg.

Related Articles

Siemens Waschmaschine Fehler E23 Titelbild

Siemens washing machine error E23 – Your appliance is no longer fully sealed

9. November 2023
Cyberkriminialität

Security breach: Hackers grab data from EA

13. June 2021
Victure PC420

Baby monitors from Victure are vulnerable – manufacturer does not respond

21. September 2021

Apple: Users Were Able to Listen to Each Other via Facetime

29. January 2019

No replies yet

Beginne die Diskussion →

Neue Antworten laden...

Avatar of Basic Tutorials
Basic Tutorials

Neues Mitglied

3,233 Beiträge 1,471 Likes
Angeheftet Nov 11, 2021

As has now become public, a TCP/IP stack from Siemens has serious security flaws. A total of 13 leaks are said to allow access via remote code and enable DoS attacks. Above all, the fact that many medical devices are affected makes experts fear the worst. The nightmare for every hospital Forescout, an association of … (Weiterlesen...)

Antworten Like

Beteilige dich an der Diskussion in der Basic Tutorials Community →

Back to top button