{"id":8654,"date":"2021-06-30T06:00:54","date_gmt":"2021-06-30T13:00:54","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&p=8654"},"modified":"2023-03-07T15:37:52","modified_gmt":"2023-03-07T22:37:52","slug":"cardiac-management-patch-these-six-zoll-vulnerabilities","status":"publish","type":"patch_watch","link":"https:\/\/webdev.securin.xyz\/patch_watch\/cardiac-management-patch-these-six-zoll-vulnerabilities\/","title":{"rendered":"Cardiac Management: Patch These Six ZOLL Vulnerabilities"},"content":{"rendered":"
\nDid you know that over 277K patient records were exposed through ZOLL gaps in 2018?<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n
In June 2021, ZOLL Medical Corporation released six security patches for its defibrillator dashboard platform. Today, medical records are a favorite target for cybercriminals because of the valuable personally identifiable information (PII) they contain, which can lead to financial breaches. These records are far richer than credit card details and are valued at up to $250 per record on the dark web.<\/p>\n
We examined eight vulnerabilities in the ZOLL defibrillator dashboard and highlighted the ones that need to be prioritized for immediate patching.<\/p>\n
Why Is It Important to Patch These Vulnerabilities?<\/h2>\n
Securin\u2019s researchers analyzed eight vulnerabilities; here are our findings.<\/p>\n
\n
- One CVE is remote code execution, one is privilege escalation, two are denial of service, and four allow theft of sensitive information.<\/p>\n<\/li>\n
- By leveraging these vulnerabilities, a non-administrative user could gain access to the application and achieve remote code execution to steal patient credentials, compromising the confidentiality of the application.<\/p>\n<\/li>\n
- On June 10, 2021, CISA issued a medical advisory<\/a> for six CVEs urging all users to patch these vulnerabilities.<\/p>\n<\/li>\n
- The CVSS V3 scores for these vulnerabilities range from 4.6 to 9.1. One CVE is rated critical severity, three are rated high severity, and four are rated medium severity.<\/p>\n<\/li>\n
- CVE-2007-6756 and CVE-2013-7395 are older weaknesses, discovered in 2007 and 2013 respectively, with a CVSS V3 score of 4.9 (medium).<\/p>\n<\/li>\n
- Each of these vulnerabilities has been assigned a Common Weakness Enumeration (CWE) ID: CWE-434<\/strong>, CWE-312, CWE-321, CWE-79<\/strong>, CWE-257, CWE-269, and CWE-255<\/strong>. Three of these fall under the Top 25 Most Dangerous Software Weaknesses<\/a> published by MITRE.<\/p>\n<\/li>\n
- All versions of the ZOLL defibrillator dashboard prior to 2.2 are affected by these weaknesses.<\/p>\n<\/li>\n
- A patch is available that fixes these vulnerabilities and reduces the associated medical risk.<\/p>\n<\/li>\n
- As of writing, there are no publicly known exploits for these ZOLL vulnerabilities.<\/p>\n<\/li>\n
- Interestingly, popular scanners such as Qualys, Nessus, and Tenable failed to detect these vulnerabilities.<\/p>\n<\/li>\n<\/ol>\n
RCE and PE Vulnerability<\/h2>\n
CVE-2021-27489 is a critical remote code execution vulnerability in the ZOLL defibrillator dashboard platform. It has been given a CVSS V3 score of 9.9 (critical) and is classified as Unrestricted Upload of File with Dangerous Type (CWE-434), which falls under the Top 25 Most Dangerous Software Weaknesses<\/a> published by MITRE.<\/p>\n