Details have been published today about a collection of nine vulnerabilities known as PwnedPiper that impact a common type of medical equipment that

PwnedPiper vulnerabilities impact 80% of major hospitals in North America

submited by

Style Pass

2021-08-02 17:30:02

Details have been published today about a collection of nine vulnerabilities known as PwnedPiper that impact a common type of medical equipment that’s installed in roughly 80% of all major hospitals in North America.

The TransLogic Pneumatic Tube Systems (PTS), from Swisslog Healthcare, is a complex system that uses compressed air to move medical supplies (lab samples, medicine, blood products, etc.) using tubes that connect different departments inside large hospitals.

Installed in more than 3,000 hospitals, TransLogic systems effectively work as the blood vessels of modern hospitals as they allow the movement of sensitive medical material while keeping nurses free to provide patient care.

In research published today, IoT security firm Armis said it discovered nine vulnerabilities in the Nexus Control Panel, the software that doctors and nurses use to control how medical material moves between hospital sections.

“These vulnerabilities can enable an unauthenticated attacker to take over Translogic PTS stations and essentially gain complete control over the PTS network of a target hospital,” the Armis team said today.