Threat Intelligence: B. Braun Device Vulnerabilities

Two New ICS Medical Advisories Issued: ICSMA-20-296-01 and ICSMA-20-296-02
Cynerio
News
Oct 22, 2020

Advisory Information

CISA released two ICS Medical Advisories (ICSMA-20-296-01 and ICSMA-20-296-02) on October 22, 2020. Both advisories concern B. Braun devices and have CVSS scores of v3 8.6 and 7.6, respectively. The vulnerabilities enable remote exploitation of these medical devices and could allow threat actors to escalate privileges, access ePHI, and upload malicious data packets, compromising the devices’ security.

Devices Affected

The following B. Braun Melsungen AG products are affected by these vulnerabilities:

  • OnlineSuite, versions AP 3.0 and older  
  • SpaceCom, firmware versions U61 and older within the US, and versions L81 and older internationally
  • Battery Pack SP with WiFi, firmware versions U61 and older within the US, and versions L81 and older internationally
  • Data module compactplus, firmware versions A10 and A11 (internationally)

What Is the Impact on Healthcare?

Since these vulnerabilities enable remote code execution, threat actors who gain access to these medical devices can disrupt the functionality of the devices and steal sensitive patient information. Bad actors can also leverage these vulnerabilities to move laterally across the clinical network and gain wide-scale access to the healthcare IT network, risking operational shutdown and jeopardizing patient safety. 

How Can Cynerio Help Mitigate the Threat?

  1. Cynerio identifies every B. Braun device affected within the healthcare ecosystem, and alerts the relevant team members
  2. Update device firmware to the latest version
  3. To ensure affected devices are not connected to the Internet, Cynerio automatically configures clinically-enriched north-south segmentation policies teams can confidently enforce
  4. Cynerio also automatically configures east-west segmentation policies to limit lateral movement between devices across the network
  5. After the appropriate mitigation measures have been taken, Cynerio will continuously monitor the network for suspicious activity

In support of CISA's National Cyber Awareness Month, Cynerio is offering healthcare facilities in North America  a free risk assessment until October 31, 2020.

Contact us today to get your free risk assessment.

Some Other Helpful Resources


Keep your finger on the pulse of Healthcare IoT security