Hospira MedNet Vulnerabilities Fixed

Wednesday, April 1, 2015 @ 02:04 PM gHale


Hospira released a new version of its MedNet software and provided mitigation recommendations that mitigate four vulnerabilities, according to a report on ICS-CERT.

Three of the four vulnerabilities, discovered by independent researcher Billy Rios, are remotely exploitable.

RELATED STORIES
Schneider Patches InduSoft, InTouch Holes
GE, MACTek Update DTM Fix
Rockwell Fixes FactoryTalk Holes
Johnson Controls Fixes Metasys Holes

MedNet software Version 5.8 and prior versions suffer from the issue.

Exploitation of these vulnerabilities may allow an attacker to remotely compromise MedNet servers and push unauthorized modifications to medication libraries and pump configurations.

Hospira is a U.S.-based company that maintains offices in several countries around the world.

MedNet server software manages drug libraries, firmware updates, and configurations of Hospira intravenous pumps. The affected products end up deployed across the Healthcare and Public Health Sector. Hospira said these products see use worldwide.

The MedNet software uses hard-coded cryptographic keys that could enable an attacker to intercept encrypted traffic from infusion pumps.

CVE-2014-5403 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 6.8.

The MedNet software contains plaintext storage of passwords for the SQL database that may allow an attacker to compromise the MedNet SQL server and gain administrative access to the workstation.

CVE-2014-5405 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 9.0.

The MedNet software stores clear text usernames and passwords on the local file system used during the installation process that may allow a malicious user to compromise the MedNet installation.

CVE-2014-5400 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 6.8.

The MedNet software uses vulnerable versions of the JBoss Enterprise Application Platform software that may allow unauthenticated users to execute arbitrary code on the target system.

CVE-2014-5401 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 10.0.

Three of the four vulnerabilities are remotely exploitable. The Password in Configuration File vulnerability is locally exploitable.

No known public exploits specifically target these vulnerabilities. An attacker with a low skill would be able to exploit these vulnerabilities.

Hospira has developed a new version of the MedNet software, MedNet 6.1. Hospira said MedNet 6.1 no longer uses hard-coded passwords, hard-coded cryptographic keys, and no longer stores passwords in clear text. Existing versions of MedNet can upgrade to MedNet 6.1.



Leave a Reply

You must be logged in to post a comment.