1 October 2019 - Today, the U.S. FDA is informing patients, health care professionals, IT staff in health care facilities and manufacturers of a set of cybersecurity vulnerabilities, referred to as “URGENT/11,” that—if exploited by a remote attacker—may introduce risks for medical devices and hospital networks.
URGENT/11 affects several operating systems that may then impact certain medical devices connected to a communications network, such as wi-fi and public or home Internet, as well as other connected equipment such as routers, connected phones and other critical infrastructure equipment.
These cybersecurity vulnerabilities may allow a remote user to take control of a medical device and change its function, cause denial of service, or cause information leaks or logical flaws, which may prevent a device from functioning properly or at all.