The National Cybersecurity & Communications Integration Center (NCCIC) recommends limiting network exposure for all control systems and devices and ensuring they are not accessible online. The Natus Neuro technical support department should be contacted for further details.Īlong with updating to the latest version of the software, organizations can take additional steps to restrict the potential for zero-day vulnerabilities to be targeted. The update is available for free for users of NeuroWorks/SleepWorks Version 8.0, 8.1, 8.4, or 8.5. Natus recommends all users of the vulnerable software to update to NeuroWorks/SleepWorks 8.5 GMA 3 as soon as they can. ![]() So far there have been no reported cases of the vulnerabilities being exploited in the wild, and no public exploits for the vulnerabilities have been seen. Natus took swift action and has now released an updated version of its software which remedies all of the weaknesses. The flaws were identified by security researcher Cory Duplantis from Cisco Talos who reported them to Natus. Exploitation would permit a hacker to trigger a buffer overflow and execute arbitrary code, allowing the hacker to take complete control of the affected system. The vulnerabilities are a combination of stack-based buffer overflow and out-of-bounds read flaws.ĬVE-2017-2853 would permit a hacker to create buffer overflow by sending a specially crafted packet to an impacted product while the product tries to open a file requested by the client.ĬVE-2017-2868 and CVE-2017-2869 refer to flaws in how the program parses data structures. Three of the weaknesses – tracked as CVE-2017-2853, CVE-2017-2868, and CVE-2017-2869 – have been given a CVSS v3 base score of 10, the highest possible score. If the weaknesses are successfully exploited they could allow a hacker to crash a vulnerable device or trigger a buffer overflow condition that would permit remote code execution.Īll eight vulnerabilities have been given a CVSS v3 score above 7.0 and are rated high. Patient and study management with reliable and flexible study acquisition and review features are the foundations of a cyber-secure solution that simplifies EEG diagnostics.ICS-CERT has released a warning after identifying eight vulnerabilities in version 8 of Natus Xltek NeuroWorks software implemented in Natus Xltek EEG medical products. The Natus NeuroWorks ® Platform enables seamless HL7 integration with facility medical records. Please contact your local sales representative for availability. Small form factor and lightweight patient wearable.Ergonomic electrode input to optimize patient mobility.It can be fixed to a wall or mounted on a variety of carts, and its unique quick-disconnect options enable moving the unit easily and safely.įrom a range of channel inputs to extended-range wireless monitoring, this innovative amplifier has all the features needed for brain monitoring in an EMU. The EMU40EX is suitable for a variety of fixed and portable applications. Lastly, a photic stimulator interface and a patient-event-switch interface complete the EEG functionality. Plus, there are 4 extra DC channels available on the base unit. In addition, oxygen saturation and pulse rate channels are available from the integrated oximeter. It offers 40 clearly marked AC channels that allow for full 10-20 electrode placement. ![]() Data cannot be intercepted or received by any other Bluetooth-enabled device in the area.ĭesigned specifically for Epilepsy Monitoring Unit (EMU) facilities, the EMU40EX can also be used for clinical EEG and some in-lab sleep studies. The Bluetooth connection from the patient's breakout box to the EMU40EX base unit is strictly point-to-point. EEG data is recorded on flash memory in the wearable unit and uploaded when the patient plugs back in, ensuring no data is lost or compromised. Extended range wireless connectivity doesn’t sacrifice data quality with its 1 kHz sampling frequency. The compact Natus EMU40EX breakout box with built-in wireless capability allows video EEG monitoring even when the patient disconnects from the main unit for daily care routines.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |