"These Vulnerabilities Could Leave Millions of Connected Medical Devices Open to Attack"
Cybersecurity researchers at Forescout and Medigate released details pertaining to critical vulnerabilities contained by millions of connected devices in hospital networks that could allow malicious actors to interfere with medical equipment and patient monitors in addition to Internet of Things (IoT) devices used for controlling lighting, ventilation, and more. They disclosed a set of 13 vulnerabilities dubbed Nucleus:13 that exist in Nucleus Net TCP/IP stacks, potentially impacting millions of devices. Attackers could use these vulnerabilities for Remote Code Execution (RCE), Denial-of-Service (DoS) attacks, and data leakage. However, the researchers say it is still uncertain whether cybercriminals have exploited the vulnerabilities in the wild. Nucleus Net TCP/IP stacks are widely used in critical safety devices in hospitals, such as anesthesia machines, patient monitors, and other devices. As these stacks are common, they are easy for attackers to identify and target. Some of the connected devices can be found on the IoT search engine Shodan, and if they are publicly facing the Internet, it is possible to launch remote attacks against them. According to a Siemens spokesperson, all the vulnerabilities have been addressed in the latest fix releases of active Nucleus version lines. The researchers still recommend segmenting networks to limit the exposure of any devices or software that could contain vulnerabilities but cannot be patched. This article continues to discuss the discovery and potential impact of Nucleus:13.