The Department of Homeland Security and Siemens Healthineers has identified cybervulnerabilities in the Windows 7-based versions of Siemens PET/CT systems, SPECT systems, SPECT/CT Systems and SPECT Workplaces/Symbia.net and have issued a warning concerning the vulnerabilities.
Although Siemens is working on updates for the affected diagnostic imaging systems, it is recommending that customers operate the systems in a dedicated network segment and protected IT environment or disconnecting the devices from networks and reconnecting them after installing the provided patch.
According to the Industrial Control Systems Cyber Emergency Response Team, “Successful exploitation of these vulnerabilities may allow the attacker to remotely execute arbitrary code.”
The DHS warning can be accessed here.