Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it. The other issue is less severe and affects the workstation’s web-based management interface. The vulnerability is limited to a single BD infusion system offering (the Alaris Gateway Workstation) that is not sold in the U.S., it is important to note this disclosure does not apply to the majority of BD infusion systems.
Source: https://www.bleepingcomputer.com/news/security/critical-bug-in-infusion-system-allows-changing-drug-dose-in-medical-pumps/