Medfusion 4000 Wireless Syringe Infusion Pump can be exploited to compromise operations

Until a new version of Smiths Medical's Medfusion 4000 Wireless Syringe Infusion Pump is issued in January 2018, its operators should be wary of eight vulnerabilities that can be remotely exploited to gain access to the device and compromise its functionality.

Health care professionals use the pump in acute care facilities to deliver small doses of medication to patients from a variety of syringe sizes.

Crediting independent researcher Scott Gayou with the bugs' discovery, the ICS-CERT reported in an advisory last week that attackers "with high skill" can leverage the flaws to sabotage the pump's communications module and therapeutic module, despite the segmented design of the device.

Found in versions 1.1, 1.5, and 1.6 of the pump, the flaws consist of a buffer overflow in a third-party component (CVE-2017-12718), an out-of-bounds read in a third-party component (CVE-2017-12722), the use of hard-coded credentials in the FTP server (CVE-2017-12724) and while automatically establishing a wireless network connection (CVE-2017-12725), improper access control in the pump's FTP server (CVE-2017-12720), use of a hard-coded password by Telnet (CVE-2017-12726), improper certificate validation that can enable a man-in-the-middle attack (CVE-2017-12721), and the storage of accessible passwords within the configuration file (CVE-2017-12723).

The ICS-CERT, which operates within the Department of Homeland Security's National Cybersecurity and Communications Integration Center (NCCIC), and Plymouth, Minn.-based Smiths Medical have recommended several defensive measures to protect against the threat of an exploit until the new product version 1.6.1 of the pump is released. All of these recommendations are listed within the advisory.
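Several of the flaws above concern cleartext management services with hard-coded credentials (FTP and Telnet), which makes any session to those services on a pump worth an alert while the patched version is pending. The following is an added example, not code from the advisory, SC Media or Smiths Medical: a small audit that scans constructed flow-log records for FTP or Telnet sessions to pump addresses and grades them by whether the source sits on an assumed biomedical-engineering management subnet. The pump inventory, the subnet, the log format and the sample lines are all constructed assumptions.

```python
"""Flag cleartext management sessions (FTP, Telnet) reaching infusion pumps.

Added example, not from the advisory or the article. The pump address list,
the biomed management subnet, the five-field flow format and the sample
records below are constructed assumptions for illustration.
"""
import ipaddress
from dataclasses import dataclass

# Assumed (constructed): pump addresses on the clinical VLAN.
PUMP_ADDRESSES = {"10.20.30.11", "10.20.30.12"}
# Assumed (constructed): subnet from which biomed staff legitimately manage pumps.
BIOMED_NET = ipaddress.ip_network("10.20.40.0/24")
# Services the advisory ties to hard-coded credentials.
WATCHED_PORTS = {21: "ftp", 23: "telnet"}


@dataclass
class Alert:
    src: str
    dst: str
    service: str
    severity: str
    reason: str


def parse_flow(line):
    """Parse a constructed 'timestamp src dst dport proto' record.

    Returns None for malformed lines so a bad record never stops the audit.
    """
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, src, dst, dport, proto = parts
    try:
        ipaddress.ip_address(src)
        ipaddress.ip_address(dst)
        return {"ts": ts, "src": src, "dst": dst, "dport": int(dport), "proto": proto.lower()}
    except ValueError:
        return None


def audit(lines):
    """Return one Alert per TCP session to a pump on a watched cleartext port.

    Sessions from outside the management subnet are rated high: with
    hard-coded credentials, the source address is the only useful signal.
    Sessions from inside are still reported (medium) because the protocol
    itself exposes the credential on the wire.
    """
    alerts = []
    for line in lines:
        rec = parse_flow(line)
        if rec is None or rec["proto"] != "tcp":
            continue
        if rec["dst"] not in PUMP_ADDRESSES or rec["dport"] not in WATCHED_PORTS:
            continue
        service = WATCHED_PORTS[rec["dport"]]
        if ipaddress.ip_address(rec["src"]) in BIOMED_NET:
            severity, reason = "medium", "cleartext %s session from management subnet" % service
        else:
            severity, reason = "high", "%s session from outside management subnet" % service
        alerts.append(Alert(rec["src"], rec["dst"], service, severity, reason))
    return alerts


# Constructed sample records: timestamp, source, destination, dest port, protocol.
SAMPLE_FLOWS = [
    "2017-09-12T10:00:01Z 10.20.40.5 10.20.30.11 23 tcp",    # telnet from biomed subnet
    "2017-09-12T10:00:02Z 10.20.50.7 10.20.30.12 21 tcp",    # ftp from elsewhere
    "2017-09-12T10:00:03Z 10.20.50.7 10.20.30.12 443 tcp",   # not a watched port
    "2017-09-12T10:00:04Z 10.20.50.7 10.20.30.99 23 tcp",    # not a pump
    "this line is not a flow record",                        # malformed, skipped
    "2017-09-12T10:00:05Z 10.20.50.7 10.20.30.11 23 udp",    # not TCP, skipped
]

if __name__ == "__main__":
    for a in audit(SAMPLE_FLOWS):
        print("[%s] %s -> %s (%s): %s" % (a.severity, a.src, a.dst, a.service, a.reason))
```

The rule is deliberately address-based rather than credential-based: because the credentials are fixed in firmware, a successful login tells a monitoring team nothing, whereas an unexpected source address does.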

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts and video/multimedia projects, often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.