HealthcareCISO

The U.S. Cybersecurity and Infrastructure Security Agency issued an advisory this week about critical vulnerabilities to software used in medical devices.

As outlined by a blog post from Forescout Research Labs, the set of 13 new vulnerabilities affects Siemens' Nucleus TCP/IP stack.

The flaws potentially allow for remote code execution, denial of service and information leak.

"CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities," said the alert. "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures."

Siemens did not respond to...