One the more serious cybersecurity vulnerabilities BD is facing now is currently being addressed, and will be included in an upcoming software update.

Becton, Dickinson and Company (BD) has self-reported two vulnerabilities that affect its BD Pyxis automated medication dispensing systems, BD Rowa pouch packaging systems, and BD Viper LT automated molecular testing systems.

Both vulnerabilities are due to the use of hard-coded credentials. If exploited, the vulnerabilities could allow an unauthorized individual to access, modify, and delete sensitive data, which could include electronic protected health information (ePHI).

The most serious vulnerability, tracked as CVE-2022-22765, affects all versions of the BD Viper LT system from 2.0. The vulnerability has been assigned a CVSS severity score of 8.0 out of 10.

Read the full article at HIPAA Journal.