"Ripple20 Threatens Increasingly Connected Medical Devices"
JSOF security researchers recently discovered a series of vulnerabilities, dubbed "Ripple20", that impact connected devices in the enterprise, industrial, and healthcare industries. The Ripple20 vulnerabilities were found in a low-level TCP/IP software library, which many IoT device manufacturers build directly into their devices or integrate via embedded third-party components. These flaws could enable denial-of-service (DoS) attacks, information disclosure, remote code execution, and other malicious activities. Infusion pumps were among the devices confirmed to be vulnerable. The exploitation of Ripple20 vulnerabilities in infusion pumps, poses a significant threat to safety as these devices deliver doses of medicine directly to patients. This article continues to discuss the potential impact of Ripple20, the growing concern about the security of connected medical devices, and what hospitals can do to protect their medical devices.
Dark Reading reports "Ripple20 Threatens Increasingly Connected Medical Devices"