Red Security

Full Version: Four Year Old Flaw Has Returned, Affecting Medical Devices
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
[Image: 150310_FT_Hacking_Life.jpg.CROP_.promova...mlarge.jpg]


    Today, an old router vulnerability that was discovered in 2014, has returned and is affecting medical devices across the medial and health sector. The vulnerability was given a
rating of 9.8 and was issued CVE-2014.9222. The flaw has originally affected residential gateway SOHO routers, the very same flaw that is now affecting medical devices.


   ICS-CERT [Industrial Control Systems Cyber Emergency Response Team] stated that the affected devices was the Datacaptor Terminal which was developed by Qualcomm. These gateways are used by hospitals to connect medical devices to the larger network infrastructure.

   The flaw was discovered by CyberMDX; it was found in the software component "RomPager" from AllegroSoft which is utilized by the DTS Web Interface, RomPage versions earlier than 4.07 are susceptible.

    A firmware patch has been issued, as well affected devices were recalled to have the vulnerability fixed and secured. This recall was; however, voluntary.


---Sh7nk-Z0id