Siemens, DHS warn of “low skill”exploits against CT and PET Scanners | Ars Technica

Archivio di tutti i clip: (Notebook di Evernote). Siemens, DHS warn of “low skill” exploits against CT and PET Scanners Exploits affecting Windows 7-based CT, SPECT, PET scanners are publicly available. Sean Gallagher - Aug 4, 2017 1:36 pm UTC Enlarge University of Queensland The Department of Homeland Security's Industrial Control System Computer Emergency Response Team (ICS-CERT) has issued an alert warning of four vulnerabilities in multiple medical molecular imaging systems from Siemens. All of these systems have publicly available exploits that could allow an attacker to execute code remotely—potentially damaging or compromising the safety of the systems. "An attacker with a low skill would be able to exploit these vulnerabilities," ICS-CERT warned. Siemens identified the vulnerabilities in a customer alert on July 26, warning that the vulnerabilities were highly critical—giving them a rating of 9.8 out of a possible 10 using the Common Vulnerability Scoring System. The systems affected include Siemens CT, PET, and SPECT scanners and medical imaging workflow systems based on Windows 7. One of the vulnerabilities is in the built-in Window Web server running on the systems. "An unauthenticated remote attacker could execute arbitrary code by sending specially crafted HTTP requests to the Mic[...]

Lascia un Commento

L'indirizzo email non verrà pubblicato. I campi obbligatori sono contrassegnati *

È possibile utilizzare questi tag ed attributi XHTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>