Siemens, Homeland Security issue advisory for diagnostic imaging systems

Twitter icon
Facebook icon
LinkedIn icon
e-mail icon
Google icon
 - cyber security

On Augist 3, the Department of Homeland Security (DHS) and Siemens Healthineers issued an advisory that four of the company’s diagnostic imaging systems may be vulnerable to cyberattacks.

The release specifically mentions all Windows 7-based versions of Siemens PET/CT systems, SPECT/CT Systems, SPECT systems and SPECT Workplaces/Symbia.net.

“Successful exploitation of these vulnerabilities may allow the attacker to remotely execute arbitrary code,” according to the advisory on DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) website. “Impact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment and specific clinical usage.”

Siemens mentions four possible methods of remotely hacking the systems:

Improper Control of Code Generation (1): An unauthenticated remote attacker could execute arbitrary code by sending specially crafted HTTP requests to the Microsoft web server (Port 80/TCP and Port 443/TCP) of affected devices.

Improper Control of Code Generation (2): An unauthenticated remote attacker could execute arbitrary code by sending a specially crafted request to the HP Client automation service on Port 3465/TCP of affected devices.

Improper Restriction of Operations within the Bounds of a Memory Buffer: An unauthenticated remote attacker could execute arbitrary code by sending a specially crafted request to the HP Client automation service of affected devices.

Permissions, Privileges and Access Controls: An unauthenticated remote attacker could execute arbitrary code by sending a specially crafted request to the HP Client automation service of affected devices.

Siemens is preparing updates for the vulnerable systems. The company suggests users run devices in a dedicated network segment and protected IT environment. If that is not possible, products should be disconnected from networks and reconnected only after the provided patch has been installed.