Critical Bugs Expose Hundreds of Thousands of Medical Devices and ATMs
Specialized health care devices, from imaging tools like CT scanners to diagnostic lab equipment, are often inadequately protected on hospital networks. Now, new findings about seven vulnerabilities in an Internet of Things remote management tool underscore the interconnected exposures in medical devices and the broader IoT ecosystem.
Researchers from the health care security firm CyberMDX, which was acquired last month by the IoT security firm Forescout, found seven easily exploited vulnerabilities, collectively dubbed Access:7, in the IoT remote access tool PTC Axeda.
The platform can be used with any embedded device, but has proven particularly popular in medical equipment. The researchers also found that some companies have used it to remotely manage ATMs, vending machines, barcode scanning systems, and some industrial manufacturing equipment.