Vulnerability Identified in Capsule Technologies SmartLinx Neuron 2 Medical Information Collection Devices
A high severity flaw has been identified in Capsule Technologies SmartLinx Neuron 2 medical information collection devices running version 6.9.1 of the software. SmartLinx Neuron 2 is a bedside mobile clinical computer that automatically collects vital signs data and connects to hospitals’ medical device information systems.
The flaw, tracked as CVE-2019-5024, is a restricted environment escape vulnerability due to the failure of a protection mechanism in kiosk mode. The flaw is present in all versions of Capsule Technologies SmartLinx Neuron 2 prior to version 9.0.
Kiosk mode is a restricted environment that prevents...