![]() 6 classes of product were found to be vulnerable. ![]() If the patch cannot be applied, RDP should be disabled, port 3389 should be blocked at the firewall, and Network Level Authentication (NLA) should be enabled.įollowing Microsoft’s announcement about the RDS flaw and the release of the patches, Siemens conducted an investigation to determine which Siemens Healthineers products were affected. The flaw affects Windows 2003, Windows XP, Windows 7, Windows Server 2008 and Windows Server 2008 R2. The severity of the vulnerability prompted Microsoft to issue patches for all vulnerable operating systems, including unsupported Windows versions which are still used in many healthcare and industrial facilities. The flaw is wormable and can be exploited to spread malware to all vulnerable devices on a network in a similar fashion to the WannaCry attacks of 2017. ![]() An attacker could exploit the flaw and gain full control of a vulnerable device by sending specially crafted requests to Remote Desktop Services on a vulnerable device via RDP. The flaws have been assigned a CVSS v3 score of 9.8 and concern the recently announced Microsoft BlueKeep RDS flaw – CVE-2019-0708.ĬVE-2019-0708 is a remotely exploitable flaw that requires no user interaction to exploit. Six security advisories have been issued covering Siemens Healthineers products. Siemens Healthineers Products Vulnerable to Microsoft BlueKeep Wormable Flaw
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |