Vulnerability Research & Disclosures (Jul 11, 2019)
A vulnerability has been discovered by CyberMDX’s research teams affecting anesthesia delivery devices, GE Aestiva and GE Aespire. Connecting to a network to document dosages, and vital signs, an attacker could gain access to revert the device to an earlier, unsecure version of the communication protocol. An attack on the anesthesia devices could enable alterations of data and time, change anesthesia agent type, change barometric pressure settings, remotely silencing of alarms, and alter gas composition.
Recommendation: While a patch hasn’t been released yet, users should keep up to date with updates and information being provided by GE Healthcare.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.