Critical Vulnerabilities in Proges Plus Plug&Track Temperature Monitors Put Patient Data at Risk

apexlifehub.com 1 day ago

Zero-day vulnerabilities in temperature monitors could lead to patient data leaks

Proges Plus Plug&Track Products Vulnerable
Multiple vulnerabilities were unearthed in Proges Plus Plug&Track products utilized for temperature monitoring at medical facilities, with no fixes in sight. Nozomi Networks Labs revealed these flaws, disclosing four vulnerabilities in Sensor Net Connect V2 and three vulnerabilities in Thermoscan IP in a recent blog post.

Significance of Sensor Net Connect and Thermoscan IP
Sensor Net Connect, a Linux-based device, is used to monitor temperature or humidity readings from multiple sensors at once and connects to a hospital network via Wi-Fi or Ethernet. Thermoscan IP is the complementary software for Sensor Net Connect, providing real-time viewing and analysis of the collected data.

Widespread Applications
These products find use in diverse applications, including the temperature monitoring of patient samples and pharmaceuticals. Proges mentions that Plug&Track products are utilized in over 60 countries, catering mainly to small and medium-sized enterprises.

Critical Vulnerability: CVE-2024-31202
The most critical vulnerability, CVE-2024-31202, is classified as an "incorrect permission assignment for critical resource" flaw in Thermoscan IP that could allow local privilege escalation and potentially expose sensitive data. It carries a high CVSS score of 8.4 and could be exploited by an unprivileged user with basic access to a healthcare system on which Thermoscan IP is installed.

Serious Implications
This flaw could lead to the creation of a "backdoor" administrator account, risking the compromise or theft of sensitive patient data. When combined with other vulnerabilities in both the device and software, it could result in severe consequences, from breaching patient privacy to disrupting critical temperature monitoring tools.

Prevention Measures
Given the absence of patches, users of these products are advised to enforce strict access control, preventing unauthorized users and applications from reaching the monitoring tools. Additionally, continuous monitoring of logs and accounts associated with the Thermoscan IP software is recommended to detect any signs of suspicious activity.
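The two mitigations above (tight access control and watching accounts for unexpected privilege) can be turned into routine checks; the script below is an added example written for this article, not code from Nozomi Networks or Proges Plus. It assumes a POSIX host for the permission-bit check (the article does not say which OS Thermoscan IP runs on), and the install directory, file names and account data are constructed placeholders.

```python
"""Defender-side audit helpers: flag critical files an unprivileged user could
overwrite (the 'incorrect permission assignment' pattern) and privileged
accounts that are not on an approved baseline. Example code, not vendor code."""
import os
import stat
import tempfile
from pathlib import Path
from typing import Iterable


def insecure_files(root: Path, names: Iterable[str]) -> list[str]:
    """Return the critical files under root that are group- or world-writable.
    A config or service binary any local user can modify is the condition
    that turns an unprivileged account into a privileged one."""
    findings = []
    for name in names:
        path = root / name
        if not path.exists():          # missing files are not a permission issue
            continue
        mode = path.stat().st_mode
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(name)
    return findings


def new_privileged_accounts(baseline: set[str], current: dict[str, set[str]],
                            privileged_groups: Iterable[str] = ("Administrators",)) -> list[str]:
    """Accounts that hold a privileged group membership now but were not in the
    approved baseline, i.e. candidates for a 'backdoor' administrator account."""
    privileged = set(privileged_groups)
    return sorted(user for user, groups in current.items()
                  if groups & privileged and user not in baseline)


def demo() -> tuple[list[str], list[str]]:
    """Run both checks against constructed data (placeholder paths and users)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)                                   # stands in for the install dir
        (root / "example_settings.cfg").write_text("placeholder")
        os.chmod(root / "example_settings.cfg", 0o666)     # deliberately weak for the demo
        (root / "example_service.bin").write_text("placeholder")
        os.chmod(root / "example_service.bin", 0o755)      # owner-writable only: fine
        files = insecure_files(root, ["example_settings.cfg", "example_service.bin", "absent.dll"])
    approved_admins = {"labadmin"}                        # constructed baseline
    current_members = {                                   # constructed snapshot of group membership
        "labadmin": {"Administrators"},
        "svc_backup": {"Administrators", "Users"},        # unexpected privileged account
        "nurse1": {"Users"},
    }
    return files, new_privileged_accounts(approved_admins, current_members)
```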

Outreach and No Response
Nozomi Networks tried reaching out to Proges Plus and its Plug&Track division multiple times regarding the vulnerabilities but did not receive any response or confirmation of fixes. For more insights into the vulnerabilities and potential attack scenarios, SC Media contacted Nozomi Networks but did not receive a response before publication. Attempts to contact Plug&Track and Proges Plus were also fruitless.

The Growing Concern of Medical IoT Devices
There is a growing concern about the role of medical IoT devices in the cybersecurity and patient privacy risks faced by hospitals. Recent discoveries of vulnerabilities in healthcare equipment highlight the need for heightened security measures and prompt responses to potential threats.