The Armis security firm has discovered nine severe vulnerabilities in the Pneumatic Tubing System (PTS). This system is used in more than 3,000 hospitals in the U.S. These newly discovered bugs were collectively labeled as PwnedPiper.
What happened?
TransLogic PTS connects numerous departments in hospitals and pipes allow for the movement of sensitive medical materials for nurses to use on patients.
- After studying the vulnerabilities, researchers confirmed that it could lead to dangerous ransomware attacks and allow the attackers to leak or steal sensitive hospital information.
- Nine vulnerabilities have been identified in the PTS control software-Nexus control panel. The exploitation of such bugs could allow hackers to take over TransLogic PTS.
About PwnedPiper
The researchers have provided the full list of the PwnedPiper vulnerabilities in their recent report.
- The identified vulnerabilities include CVE-2021-37161 (Underflow in udpRXThread), CVE-2021-37162 (Overflow in sccProcessMsg), and more.
- In addition, CVE-2021-37163 (Two hardcoded passwords are having access using Telnet server) and CVE-2021-37164 (Off-by-three stack overflow in tcpTxThread) were discovered.
- Moreover, experts disclosed CVE-2021-37165 (Overflow in hmiProcessMsg), CVE-2021-37166 (GUI socket DoS), CVE-2021-37167 (script with root can be used for PE), and CVE-2021-37160 (unsigned firmware upgrade).
Conclusion
The exploitation of the PTS may lead to serious problems for large hospitals with tens of connected departments. Therefore, patching these vulnerabilities should be a priority for the hospitals to prevent critical consequences to their facilities and patients. The vendor has provided mitigation steps for hospitals to stay protected.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/0d08_shutterstock_248596792.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/iStock_000021630281_Medium.jpg)
