Researchers disclose two vulnerabilities in Becton Dickinson Alaris Gateway Workstation for medical infusion pumps in hospitals. The critical bug in a connected medical device can allow an attacker to remotely manipulate hospital pumps, either to withhold meds or dispense too much. Infusion pumps can deliver insulin, painkillers or other medicines that require intermittent or continuous dosing. The bad news is that so far, there is no evidence of in-the-wild exploitation of the bug. Administrators should update to the latest firmware to mitigate the risk.
Source: https://threatpost.com/critical-bug-infusion-pump-lives-at-risk/145660/