Siemens, DHS warn of "low skill" exploits against CT and PET Scanners
https://arstechnica.com/gadgets/2017/08/siemens-dhs-warn-of-low-skill-exploits-against-ct-and-pet-scanners/ Siemens identified the vulnerabilities in a customer alert on July 26, warning that the vulnerabilities were highly critical--giving them a rating of 9.8 out of a possible 10 using the Common Vulnerability Scoring System. The systems affected include Siemens CT, PET, and SPECT scanners and medical imaging workflow systems based on Windows 7. One of the vulnerabilities is in the built-in Window Web server running on the systems. "An unauthenticated remote attacker could execute arbitrary code by sending specially crafted HTTP requests to the Microsoft Web server (port 80/tcp and port 443/tcp) of affected devices," Siemens warned in its alert. The bug in the Web server software allows code injection onto the devices. - - - --Lauren-- Lauren Weinstein (lau...@vortex.com): https://www.vortex.com/lauren Lauren's Blog: https://lauren.vortex.com Google Issues Mailing List: https://vortex.com/google-issues Founder: Network Neutrality Squad: https://www.nnsquad.org PRIVACY Forum: https://www.vortex.com/privacy-info Co-Founder: People For Internet Responsibility: https://www.pfir.org/pfir-info Member: ACM Committee on Computers and Public Policy Google+: https://google.com/+LaurenWeinstein Twitter: https://twitter.com/laurenweinstein Tel: +1 (818) 225-2800 --- Impeach Trump --- _______________________________________________ pfir mailing list https://lists.pfir.org/mailman/listinfo/pfir