That sounds bad on the surface, but GE Healthcare said that cybercriminals wouldn’t be able to actually cause any danger to a patient given that these devices are never used without human oversight. A vulnerability in GE Healthcare’s Aestiva and Aespire anesthesia devices would allow an unauthenticated cybercriminal on the same network as the device to modify gas composition parameters within the devices’ respirator function, thus changing sensor readings for gas density.Īccording to GE Healthcare, that means that the bug (CVE-2019-10966) could allow an attacker to impair respirator functionality in GE Aestiva and Aespire Versions 71, theoretically changing the composition of aspirated gases – while also silencing alarms and altering time and date records.
0 kommentar(er)
