"Decommissioned Medical Infusion Pumps Sold on Secondary Market Could Reveal Wi-Fi Configuration Settings"
Rapid7 researchers warn that the secondary market sale of decommissioned medical infusion pumps may result in the exposure of Wi-Fi configuration settings. Most medical infusion pumps purchased from secondary market services such as eBay contained wireless authentication data from the medical organization that originally deployed the devices. The researchers analyzed three different infusion pump models: the Alaris PC 8015, the Baxter Sigma Spectrum model 35700BAX2, and the Hospira Abbott PLUM A+ with MedNet. They analyzed 13 infusion pumps that are still in use in many medical facilities worldwide despite no longer being manufactured. Sensitive data was gathered by analyzing the content of compact flash cards, capturing serial communication while using the product's maintenance software, and physically removing and extracting data from the flash memory chip on the main circuit boards. Researchers retrieved hostnames with domain information, AES keys for encryption, SSIDs, Wi-Fi Pre-Shared Key (PSK) passphrases in clear text, Microsoft Active Directory authentication credentials, and Wi-Fi configuration settings. This article continues to discuss the security risks posed by decommissioned medical infusion pumps sold via the secondary market.