Geo-Poli-Cyber Risks Increased by Critical Bug Set ‘PwnedPiper’ that has already compromised major hospitals in North America.
Critical Bug Set ‘PwnedPiper’ that is already impacting major hospitals in North America provides a vulnerability that can be exploited by Geo-Poli-Cyber motivated Hackers.
Pneumatic tube system (PTS) stations used in thousands of hospitals worldwide are vulnerable to a set of nine critical security issues collectively referred to as PwnedPiper.
PTS solutions are part of a hospital’s critical infrastructure as they are used to quickly deliver items like blood, tissue, lab samples, or medication to where they’re needed.
The flaws are in some of SwissLog’s TransLogic Pneumatic Tube System, an automated material transport solution for carrying medical items across longer distances in medium to large hospitals.
According to the maker, TransLogic PTS is present in more than 2,300 hospitals in North America and more than 3,000 units worldwide benefit from 24/7 customer support.
Critical bug left unpatched
Research from Armis, a connected device security company, revealed that an unauthenticated attacker could gain full control over some TransLogic PTS stations connected to the internet and then take over the entire PTS network of a target hospital.
Specifically, the company discovered nine critical vulnerabilities in the firmware powering the Nexus Control Panel for managing “all current models of Translogic PTS stations.”
While not all the issues could be exploited by a remote attacker, their severity level remains high, given a PTS’ role in a hospital.
Swisslog acknowledged the security issues and says that they impact the HMI-3 circuit board in Nexus Panels connected to the internet. The company notes in an advisory this weekend that the affected PTS products “are deployed primarily in hospitals within North America.”
Jennie McQuade, Chief Privacy Officer for Swisslog Healthcare, says that the security issues are not present unless a mix of variables exists.
“The potential for pneumatic tube stations (where the firmware is deployed) to be compromised is dependent on a bad actor who has access to the facility’s information technology network and who could cause additional damage by leveraging these exploits” – Swisslog
Armis found many other vulnerabilities which if left unpatched can allow hackers of all motivations to breach their targets. one of the most severe is CVE-2021-37160:
This is because it is an unencrypted, unauthenticated firmware upgrades on the Nexus Control Panel. An attacker could leverage it to install malicious firmware on the system, essentially taking full control over it.
These vulnerabilities came to light on May 1 and persisted since. Viable patches tried to fix the issue as a mitigation step for hospitals were unable to apply the fix right away.
Protecting against PwnedPiper vulnerabilities
Hospitals need to address this ASAP while many are finding it hard to install the latest firmware update for TransLogic.
Those who are struggling with applying the needed fix can contact Survivability News or MLi Group for assistance.