The National Security Agency (NSA) issued a Cybersecurity Advisory on October 20, 2020, entitled “Chinese State-Sponsored Actors Exploit Publicly Known Vulnerabilities,” alerting IT professionals to 25 vulnerabilities that Chinese state-sponsored hackers are using against U.S. businesses that “can be exploited to gain initial access to victim networks using products that are directly accessible from the

The U.S. Department of Homeland Security (DHS) recently issued a warning that Smiths Medical Medfusion 4000 wireless syringe infusion pumps contain a security vulnerability that can be exploited by hackers to alter the performance of the medical devices.

The devices are used to infuse small doses of medication to patients and are used in acute care settings. Eight different vulnerabilities have been identified in pump versions 1.1, 1.5 and 1.6. According to DHS, hackers can exploit the vulnerabilities remotely, which can cause harm to patients, and can be used to gain access to other healthcare information technology systems if they are not segmented on the healthcare organization’s network.

Smiths Medical is working with DHS to resolve the flaws in its new version, which will be released in January of 2018. Until then, Smiths recommends the following:
Continue Reading Security Vulnerabilities Identified in Wireless Syringe Infusion Pumps