Ripple20 Threatens Increasingly Connected Medical Devices

Dark Reading

Kelly Sheridan

A series of IoT vulnerabilities could put hospital networks, medical data, and patient safety at risk.
Earlier this month, JSOF security researchers disclosed the "Ripple20" vulnerabilities, a series of flaws affecting connected devices in the enterprise, industrial, and healthcare industries. Experts worry about the implications for connected medical devices, which could provide attackers with a gateway into a hospital network or enable them to affect patient care.

Ripple20 exists in a low-level TCP/IP software library built by software company Treck. Many IoT device manufacturers build the library directly into their devices or integrate it through embedded third-party components. As a result, organizations may not know they're exposed.

These vulnerabilities range in severity from small bugs with subtle effects to...

Get the Morning Update

Thanks for subscribing!