Multiple flaws have been disclosed in the widely-used pneumatic tube system (PTS) that are vulnerable to attacks.

The cyber security researchers from security firm Armis disclosed a set of nine vulnerabilities that has been dubbed PwnedPiper which when exploited can perform multiple attacks against a widely-used pneumatic tube system (PTS).

The Swisslog PTS system are used in the hospitals to automate logistics and the transport of materials throughout the building via a network of pneumatic tubes.

The flaw affects the Translogic PTS system manufactured by Swisslog Healthcare, which is installed in about 80% of all major hospitals in North America and thousands of hospitals worldwide.

It is possible for a threat actor to exploit the PwnedPiper vulnerabilities to completely take over the Translogic Nexus Control Panel, which powers current models of Translogic PTS stations.

The attackers can conduct a broad range of malicious activities, such as carrying out a man-in-the-middle (MitM) attack to change or deploy ransomware.

According to a post published by Armis, these vulnerabilities can enable an unauthenticated attacker to take over Translogic PTS stations and essentially gain complete control over the PTS network of a target hospital. The attackers can perform sophisticated ransomware attacks and can leak sensitive hospital information.

The flaws include privilege escalation, memory corruption, remote-code execution, and denial-of-service issues. An attacker could also push an insecure firmware upgrade to fully compromise the devices.

The vulnerabilities discovered by the researchers include:

  • CVE-2021-37161 – Underflow in udpRXThread
  • CVE-2021-37162 – Overflow in sccProcessMsg
  • CVE-2021-37163 – Two hardcoded passwords accessible through the Telnet server
  • CVE-2021-37164 – Off-by-three stack overflow in tcpTxThread
  • CVE-2021-37165 – Overflow in hmiProcessMsg
  • CVE-2021-37166 – GUI socket Denial of Service
  • CVE-2021-37167 – User script run by root can be used for PE
  • CVE-2021-37160 – Unauthenticated, unencrypted, unsigned firmware upgrade

Most of the above mentioned vulnerabilities are addressed in the new Nexus Control Panel version 7.2.5.7. The CVE-2021-37160 has yet to be addressed.

Image Credits : Swisslog Healthcare

The post PwnedPiper flaws in PTS systems affect 80% of major US hospitals first appeared on Cybersafe News.

You May Also Like

25 BadAlloc vulnerabilities affects BlackBerry QNX RTOS used by over 195 million vehicles and embedded systems in different industries. Patch quickly

In a security report, BlackBerry announced that its QNX Real Time Operating…

Critical vulnerabilities in NPM would allow hackers to publish new versions of any package

GitHub researchers announced the detection of two severe security flaws in NPM,…