Source |
Cyble |
Identifier |
8647860 |
Publication date |
2025-02-10 13:34:05 (viewed: 2025-02-10 14:08:13) |
Title |
Cyble Warns of Patient Monitor Risk in ICS Vulnerability Report |
Text |
Cyble's weekly industrial control system (ICS) vulnerability report to clients included a warning about a severe vulnerability in a patient monitor that could potentially compromise patient safety.
In all, the report covered 36 ICS, operational technology (OT) and Supervisory Control and Data Acquisition (SCADA) vulnerabilities, 31 of which affect critical manufacturing and energy systems. Ten of the 36 vulnerabilities were rated “critical” and 17 carried high-risk ratings.
Patient Monitor Vulnerability Carries a 9.8 Risk Rating
The patient monitor vulnerability, CVE-2024-12248, was one of three flaws in Contec Health CMS8000 Patient Monitors that were addressed in a January 30 advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA). CISA said the vulnerabilities were reported to the agency anonymously.
The Food and Drug Administration (FDA) also issued an alert about the vulnerabilities the same day. The FDA said the flaws “may put patients at risk after being connected to the internet,” but added that the agency “is not aware of any cybersecurity incidents, injuries, or deaths related to these cybersecurity vulnerabilities at this time.”
The FDA advisory contained recommendations for patients and caregivers for mitigating the risk that included the following advice:
“If your health c |
Notes |
★★
|
Sent |
Yes |
Tags |
Tool
Vulnerability
Patching
Industrial
Medical
|
Stories |
|
Move |
|
Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2025-02-13 11:15:54 |
(Already seen) Cyble Warns of Exposed Medical Imaging, Asset Management Systems (direct link) |
Overview
Cyble's weekly industrial control system (ICS) vulnerability report to clients warned about internet-facing medical imaging and critical infrastructure asset management systems that could be vulnerable to cyberattacks.
The report examined six ICS, operational technology (OT), and Supervisory Control and Data Acquisition (SCADA) vulnerabilities in total, but it focused on two in particular after Cyble detected web-exposed instances of the systems.
Orthanc, Trimble Cityworks Vulnerabilities Highlighted by CISA
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued advisories alerting users to vulnerabilities in medical imaging and asset management products.
Orthanc is an open-source DICOM server used in healthcare environments for medical imaging storage and retrieval, while Trimble Cityworks is a GIS-centric asset management system used to manage all infrastructure assets for airports, utilities, municipalities, and counties.
In a February 6 ICS medical advisory, CISA said the Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled, which could result in unauthorized access by a malicious actor. The Missing Authentication for Critical Function vulnerability, CVE-2025-0896, has been assigned a CVSS v3.1 base score of 9.8, just below the maximum score of 10.0.
Orthanc recommends that users update to the latest version or enable HTTP authentication by setting "AuthenticationEnabled": true in the configuration file.
Cyble provided a publicly accessible search query for its ODIN vulnerability search tool, which users can use to find potentially vulnerable instances.
“This flaw requires urgent attention, as Cyble researchers have identified multiple internet-facing Orthanc instances, increasing the risk of exploitation,” the Cyble report said. “The exposure of vulnerable instances could allow unauthorized access to sensitive medical data, manipulation of imaging records, or even unauthorized control over the server. Given the high stakes in healthcare cybersecurity, immediate patching to version 1.5.8 or later, along with restricting external access, is strongly recommended to mitigate potential threats. |
Tool
Vulnerability
Threat
Patching
Industrial
Medical
|
|
★★★
|