Researchers have found several vulnerabilities in the Nucleus Real-time Operating System, a software suite owned by Siemens used in medical devices, such as patient monitors and anesthesia, ultrasound, and x-ray machines. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency is expected to encourage users to update their systems to guard against potential cyberattacks.
Nearly 4,000 devices made by a range of vendors in the health care, government and retail sectors are running the vulnerable software, according to cybersecurity firms Forescout Technologies and Medigate, which discovered the issue.
There is no evidence that malicious hackers have taken advantage of the software flaws — and doing so would require prior access to networks in some cases, Forescout said. Siemens, the industrial firm that owns the software, has issued updates fixing the vulnerabilities.
Siemens worked with federal officials and the researchers to verify and address the vulnerabilities through software updates.
Read the article in its entirety at CNN Business.