Threat Intelligence: BD Releases Advisory on Microsoft’s Zerologon Vulnerability

CVE-2020-1472 | Microsoft Netlogon Elevation of Privilege Vulnerability
Nov 8, 2020
Threat Intelligence

Advisory Information

BD posted an advisory on November 6, 2020 regarding the Microsoft Netlogon elevation of privilege vulnerability (CVE-2020-1472), more widely known as Zerologon. 

How Does This Vulnerability Impact BD Healthcare Products?

This is a third-party vulnerability that affects the Netlogon Remote Protocol (MS-NRPC), which allows unauthorized users access to a domain controller via the Netlogon secure channel. Once access has been gained, threat actors can run malicious applications on devices throughout the network, potentially compromising device functionality and network communications. However, in order to connect to the domain controller, the bad actor would have to use MS-NRPC to gain domain administrator access.

Devices Affected

  • BD Infusion Knowledge Portal™
  • BD Intelliport™
  • BD Kiestra™ InoqulA Standalone
  • BD Kiestra™ ReadA Standalone
  • BD Kiestra™ TLA/WCA
  • BD Supply Knowledge Portal™
  • BD HealthSight™ Clinical Advisor
  • BD HealthSight™ Data Manager
  • BD HealthSight™ Diversion Management
  • BD HealthSight™ Infection Advisor
  • BD HealthSight™ Inventory Optimization
  • BD Medication Knowledge Portal™

Note: This vulnerability is not limited to BD devices.

What Can Be Done to Mitigate the Threat & How Can Cynerio Help?

Microsoft is actively working on rolling out patches for this vulnerability in two phases. Until a full solution is available, Cynerio can:

  1. Conduct Deep Packet Inspection (DPI) and discover every device on the network and identify those at risk
  2. Map critical devices affected by this vulnerability
  3. Identify attempted exploits of this vulnerability within your network and send real-time alerts
  4. Automatically configure mitigation policies and ACLs tailored to the network that can be applied using existing security infrastructure to limit the exposure of vulnerable and infected devices

Some Other Helpful Resources


Keep your finger on the pulse of Healthcare IoT security

Get Your Free Pass to HIMSS21

August 9 -13, Las Vegas

HOW? Easy! If you are a Healthcare IT Executive and you book a 30-minute call with us before July 30th, you get a free pass (valued at $1295)

Book a Call

*Please note that there is limited pass availability