siemens molecular imaging vulnerabilities
The ICS-CERT illustrated that flwas within Siemen’s molecular imaging products were exploitable while “Siemens is preparing updates for the affected products and recommends protecting network access to the Molecular Imaging products with appropriate mechanisms,” ICS-CERT said in its advisory. “It is advised to run the devices in a dedicated network segment and protected IT environment.”
Siemens states that their PET/CT Systems, SPECT/CT Systems, SPECT Systems and SPECT Workplaces/Symbia.net systems for Windows XP and Windows 7 are affected. Moreover, ICS-CERT stated that it doesn’t take a lot of skill to exploit the systems but rather an attacker with a low level skill could potentially execute remote code on the vulnerable devices by exploiting its vulnerabilities.
The severity of t he issues is due to the fact that all of these systems are widely used across the world in the public health sector and industries. Four of the vulnerabilities originate from 2015 and affect Windows 7 and scored a CVSS of 9.8/10.