Alert: Medical Device Vendors Update Advisories on Products Affected by the Windows Bad Neighbor Vulnerability
Following the Microsoft advisory issued on October 13, 2020 regarding the Bad Neighbor vulnerability, BD, Philips, and Carestream have recently released more information on affected devices.
This vulnerability is located within an ICMPv6 Neighbor Discovery protocol and has a CVSS score of 9.8. If properly exploited, an attacker can gain access to a target server or client and remotely execute malicious code. However, the vulnerability isn’t routable over the internet, and a threat actor would have to route customized ICMPv6 Router Advertisement packets over a local subnet.
A variety of medical products utilizing the Windows TCP/IP stack are at risk, including:
- BD laboratory and pharmacology systems
- Philips radiology systems, image-guided therapy devices, ultrasound, stress testing, monitoring and emergency care data management systems
- Carestream imaging systems
To date, there have been no reported exploits of the Bad Neighbor vulnerability, and vendors are actively testing and validating the patches Microsoft has released.
How can Cynerio help protect your at-risk devices now?
Cynerio is in close contact with the relevant vendors and will send clients alerts when patches and updates are made available, and when vulnerable or infected devices are identified.
We constantly monitor network activity and can help you automate mapping critical devices on your network. Cynerio can also assist with hardening your network against known and unknown threats and expedite segmentation projects in clinical environments.
Some More Helpful Resources
For more detailed information and resources on this critical vulnerability, please see the following vendor advisories:
In support of CISA’s National Cyber Awareness Month, we’re offering healthcare facilities across North American a free risk assessment until December 31. To get your free risk assessment, contact us today.