CISA issues advisory about Siemens software vulnerabilities

Healthcare IT News

Kat Jercich

The U.S. Cybersecurity and Infrastructure Security Agency issued an advisory this week about critical vulnerabilities to software used in medical devices.

As outlined by a blog post from Forescout Research Labs, the set of 13 new vulnerabilities affects Siemens' Nucleus TCP/IP stack.

The flaws potentially allow for remote code execution, denial of service and information leak.

"CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities," said the alert. "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures."

Siemens did not respond to...

Get the Morning Update

Thanks for subscribing!