Access:7 Supply Chain Flaws Impact ATMs, Medical, IoT devices

Three out of the seven flaws were rated as critical, while the remaining four were medium to high severity vulnerabilities.

The IT security researchers at CyberMDX health care security firm, acquired last month by Forescout, have identified as many as 7 easy-to-exploit vulnerabilities. These vulnerabilities are collectively dubbed Access:7.

Details of Access:7 Vulnerabilities

According to researchers, the 7 vulnerabilities were identified in the IoT remote access tool known as PTC Axeda. This platform is compatible with most embedded devices, and companies use it to remotely manage ATMs, barcode scanners, vending machines, and industrial manufacturing equipment/systems. However, lately, it has gained popularity within the health care sector. 

Some of these vulnerabilities are caused by the way Axeda processes undocumented/unauthenticated commands because it lets attackers exploit the platform. Other flaws were due to default configuration errors, such as multiple Axeda users sharing hard-coded and guessable system passwords.

According to researchers, three out of the seven flaws were rated as critical, while the remaining four were medium to high severity vulnerabilities.

Around 55% of the impacted devices belong to the health care sector, 24% to IoT, 8% to IT, 5% to financial services, and 4% were linked to the manufacturing sector.

Read More: https://www.hackread.com/access7-supply-chain-vulnerability-atm-iot-devices/