Siemens Medical Products Affected by Wormable Windows Flaw

Several products made by Siemens Healthineers, a Siemens company that specializes in medical technology, are affected by a recently patched Windows vulnerability tracked as CVE-2019-0708 and BlueKeep.


The vulnerability impacts the Windows Remote Desktop Services (RDS) and it was fixed by Microsoft with its May 2019 Patch Tuesday updates. The flaw has been described as wormable and it can be leveraged by malware to spread similar to the way the notorious WannaCry ransomware did back in 2017 through the EternalBlue exploit.


It allows an unauthenticated attacker to execute code and take control of a device without any user interaction by sending specially crafted requests to the targeted machine’s RDS via the Remote Desktop Protocol (RDP).


Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA). The threat can also be mitigated by blocking TCP port 3389 at the perimeter firewall.


Experts have warned that the flaw poses a serious risk to organizations, including industrial environments, and the risk of exploitation has increased after several researchers and cybersecurity companies have reported developing PoC exploits.


Shortly after Microsoft released patches, Siemens informed customers that it had launched an investigation into the impact of CVE-2019-0708 on its Healthineers products. The company has now published six security advisories describing the impact of the flaw on its products and the steps customers need to take to mitigate the risks.


Siemens has pointed ou ..