"Hackers Could Increase Medication Doses Through Infusion Pump Flaws"

Researchers have recently found that pacemakers, insulin pumps, mammography machines, ultrasounds, and monitors, contain worrying security vulnerabilities. The latest addition to that long lineup is a popular infusion pump and dock, the B. Braun Infusomat Space Large Volume Pump and B. Braun SpaceStation.  Infusion pumps automate the delivery of medications and nutrients into a patient's body, typically from a bag of intravenous fluids.   Researchers at McAfee's Advanced Threat Research group found that an attacker with access to a healthcare facilities network could control a SpaceStation by exploiting a common connectivity vulnerability. From there, the adversary could exploit four other flaws in sequence to administer a double dose of medication to victims.  The attack isn't simple to carry out in practice and requires that first foothold in a medical facility's network.  The researchers stated that successfully exploiting these vulnerabilities could allow a sophisticated attacker to compromise the security of the Space or compactplus communication devices and enable an attacker to escalate privileges, view sensitive information, upload arbitrary files, and perform remote code execution.

Wired reports: "Hackers Could Increase Medication Doses Through Infusion Pump Flaws"