Improper Authentication in Hillrom Welch Allyn Cardio Products



Published: 2021-12-10
Risk High
Patch available NO
Number of vulnerabilities 1
CVE-ID CVE-2021-43935
CWE-ID CWE-288
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Welch Allyn Q-Stress Cardiac Stress Testing System
Hardware solutions / Medical equipment

Welch Allyn X-Scribe Cardiac Stress Testing System
Hardware solutions / Medical equipment

Welch Allyn Diagnostic Cardiology Suite
Hardware solutions / Medical equipment

Welch Allyn Vision Express
Hardware solutions / Medical equipment

Welch Allyn H-Scribe Holter Analysis System
Hardware solutions / Medical equipment

Welch Allyn R-Scribe Resting ECG System
Hardware solutions / Medical equipment

Welch Allyn Connex Cardio
Hardware solutions / Medical equipment

Vendor Hill-Rom Services

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Authentication bypass using an alternate path or channel

EUVDB-ID: #VU58818

Risk: High

CVSSv3.1: 7.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2021-43935

CWE-ID: CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to an improper authentication. A remote attacker can gain access to the application as the supplied AD account, with all associated privileges. 

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Welch Allyn Q-Stress Cardiac Stress Testing System: 6.0.0 - 6.3.1

Welch Allyn X-Scribe Cardiac Stress Testing System: 5.01 - 6.3.1

Welch Allyn Diagnostic Cardiology Suite: 2.1.0

Welch Allyn Vision Express: 6.1.0 - 6.4.0

Welch Allyn H-Scribe Holter Analysis System: 5.01 - 6.4.0

Welch Allyn R-Scribe Resting ECG System: 5.01 - 7.0.0

Welch Allyn Connex Cardio: 1.0.0 - 1.1.1

External links

http://ics-cert.us-cert.gov/advisories/icsma-21-343-01


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###