Siemens Medical Products Affected by Wormable Windows Flaw
A Siemens investigation found that the recently discovered critical Windows security flaw known as BlueKeep impacts various medical devices produced by Siemens Healthineers, a Siemens division.
The vulnerability, tracked as CVE-2019-0708, impacts RDP implementations on Windows XP, Windows 7, Windows Server 2003, Windows Server 2008 and other older Windows operating systems. Because Microsoft patched the flaw earlier this month, Siemens urges its customers to install those security fixes as soon as possible. For certain products the firm is recommending users to disable RDP or close port 3389, which is normally used for this protocol.
Security experts worry that BlueKeep could allow attackers to carry out a massive attack involving self-replicating malicious code.