75% of Tested Smart Infusion Pumps Vulnerable to Hacking

As of 2020, about 80% of hospitals in the United States were using smart infusion pumps.

Palo Alto Networks Unit 42 researchers analyzed data crowdsourced from over 200,000 network-linked infusion pumps used in healthcare facilities/hospitals and identified severe security concerns. 

Unit 42 researchers discovered grave medical device security issues in the infusion pumps they analyzed as 75% of the samples contained security vulnerabilities that exposed the device to potential exploitation. This could have drastic implications for the healthcare sector regarding patients’ security.

The purpose of this research was to assess the reliability and security of smart infusion pumps used by a majority of healthcare organizations globally. These pumps are connected to the internet and automatically dispense fluids and medications to patients.

It is worth noting that as of 2020, about 80% of hospitals in the United States were using smart infusion pumps.

Which Vulnerabilities Were Discovered?

Palo alto Networks’ research team stated that scans from 7 medical device manufacturers were obtained for their analysis. Over 52% of all scanned infusion pumps were vulnerable to two known vulnerabilities discovered in 2019.

These flaws are tracked as CVE-2019-12255 (buffer overflow flaw in Wind River VxWorks’ TCP component) and CVE-2019-12264 (incorrect

Read More: https://www.hackread.com/smart-infusion-pumps-vulnerable-to-hacking/