Siemens, Homeland Security issue advisory for diagnostic imaging systems

On Augist 3, the Department of Homeland Security (DHS) and Siemens Healthineers issued an advisory that four of the company’s diagnostic imaging systems may be vulnerable to cyberattacks.

The release specifically mentions all Windows 7-based versions of Siemens PET/CT systems, SPECT/CT Systems, SPECT systems and SPECT Workplaces/Symbia.net.

“Successful exploitation of these vulnerabilities may allow the attacker to remotely execute arbitrary code,” according to the advisory on DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) website. “Impact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment and specific clinical usage.”

Siemens mentions four possible methods of remotely hacking the systems:

Improper Control of Code Generation (1): An unauthenticated remote attacker could execute arbitrary code by sending specially crafted HTTP requests to the Microsoft web server (Port 80/TCP and Port 443/TCP) of affected devices.

Improper Control of Code Generation (2): An unauthenticated remote attacker could execute arbitrary code by sending a specially crafted request to the HP Client automation service on Port 3465/TCP of affected devices.

Improper Restriction of Operations within the Bounds of a Memory Buffer: An unauthenticated remote attacker could execute arbitrary code by sending a specially crafted request to the HP Client automation service of affected devices.

Permissions, Privileges and Access Controls: An unauthenticated remote attacker could execute arbitrary code by sending a specially crafted request to the HP Client automation service of affected devices.

Siemens is preparing updates for the vulnerable systems. The company suggests users run devices in a dedicated network segment and protected IT environment. If that is not possible, products should be disconnected from networks and reconnected only after the provided patch has been installed.

""
Nicholas Leider, Managing Editor

Nicholas joined TriMed in 2016 as the managing editor of the Chicago office. After receiving his master’s from Roosevelt University, he worked in various writing/editing roles for magazines ranging in topic from billiards to metallurgy. Currently on Chicago’s north side, Nicholas keeps busy by running, reading and talking to his two cats.

Trimed Popup
Trimed Popup