Medtronic Valleylab FT10/LS10 RFID Auth Bypass (CVE-2019-13531/13535)

Critical Vulnerability Information 1. Executive Summary CVSS v3 Score: 4.8 Note: Low skill level exploitation Vendor: Medtronic Devices: Valleylab FT10, Valleylab LS10 Vulnerabilities: Improper Authentication, Protection Mechanism Failure 2. Risk Assessment Successful exploitation of these vulnerabilities may allow an attacker to connect unauthorized instruments to the affected products by spoofing the RFID security mechanism. This could result in loss of performance integrity and reduced platform availability, as instruments and their associated parameters are misidentified. 3. Technical Details 3.1 Affected Products The following Medtronic Valleylab energy and electrosurgical products are affected: Valleylab FT10 Energy Platform (VLF10GEN) - Version 2.1.0 and earlier - Version 2.0.3 and earlier Valleylab LS10 Energy Platform (VLLS10GEN — not sold in the U.S.) - Version 1.20.2 and earlier 3.2 Vulnerability Overview 3.2.1 Improper Authentication CWE-287 The RFID security mechanism used for authentication between the FT10/LS10 energy platforms and instruments can be bypassed, allowing unauthorized instruments to connect to the generator. CVE ID: CVE-2019-13531 CVSS v3 Base Score: 4.8 3.2.2 Protection Mechanism Failure CWE-693 The RFID security mechanism does not enforce read protection, allowing full read access to RFID security mechanism data. CVE ID: CVE-2019-13535 CVSS v3 Base Score: 4.6 3.3 Background Critical Infrastructure Sector: Healthcare and Public Health Deployment Countries/Regions: Global Company Headquarters Location: Ireland 3.4 Researchers Medtronic reported these vulnerabilities to CISA. 4. Mitigations A software patch is now available for the affected Valleylab platforms. If you suspect you have instruments that are not FDA-approved or not authorized for use with Medtronic Valleylab FT10 or LS10, contact Medtronic or your medical device vendor. For questions regarding FDA clearance or approval for current or future instruments, contact your medical device vendor. Visit the Medtronic website for the software patch. CISA recommends users implement defensive measures to minimize the risk of exploitation. Specifically, users should: Restrict system access to authorized personnel and follow the principle of least privilege. Implement defense-in-depth strategies. For more information, refer to the FDA’s medical device cybersecurity guidance. These vulnerabilities cannot be exploited remotely.

Goal Reached Thanks to every supporter — we hit 100%!

Medtronic Valleylab FT10/LS10 RFID Auth Bypass (CVE-2019-13531/13535)

More from this source