Siemens Healthineers medical products vulnerable to Windows BlueKeep flaw

Several products made by Siemens Healthineers are affected by a recently patched Windows BlueKeep vulnerability (CVE-2019-0708).

The BlueKeep issue is a remote code execution vulnerability in Remote Desktop Services (RDS) that it can be exploited by an unauthenticated attacker by connecting to the targeted system via the RDP and sending specially crafted requests.

As explained by Microsoft, this vulnerability could be triggered by malware with wormable capabilities, it could be exploited without user interaction, making it possible for malware to spread in an uncontrolled way into the target networks.

Several security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons.

After the release of security updates for the BlueKeep, Siemens started assessing its Healthineers products. Now Siemens has published six security advisories to warn its customers of potential risks,

“Some Siemens Healthineers software products are affected by this vulnerability.” reads an advisory published by Siemens. “The exploitability of the vulnerability depends on the specific configuration and deployment environment of each product. Siemens Healthineers recommends installing the appropriate security patches released by Microsoft.”

The company pointed out that it cannot guarantee the compatibility of Microsoft security patches with products from Siemens Healthineers that are beyond their End of Support.

Impacted products include MagicLinkA, MagicView, Medicalis solutions, Screening Navigator, syngo solutions and teamplay (receiver software only).

For most of the products, the advisories suggest disabling RDP, blocking TCP port 3389, and implementing workarounds suggested by Microsoft.

Siements also recommends to ensure to have appropriate backups and system restoration procedures, and suggest to contact local Siemens Healthineers customer service engineer, portal or our Regional Support Center for remediation guidance information.

If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter”

Thank you

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Healthineers, BlueKeep)

[adrotate banner=”5″]

[adrotate banner=”13″]