Hard-coded password and Improper Privilege Management Vulnerabilities in DCA Vantage Analyzer
Publication Date: 2020-10-13
Last Update: 2020-10-13
Current Version: 1.0
CVSS v3.1 Base Score: 6.4
DCA Vantage Analyzer software version 220.127.116.11 is now available to fix a hard-coded password vulnerability and an improper privilege management vulnerability that could allow an attacker to read and/or modify the onboard database, as well as to escape the restricted environment (“kiosk mode”). Specific workarounds and mitigations may also be applied.
AFFECTED PRODUCTS AND SOLUTION
Affected Product and Versions
DCA Vantage Analyzer:
Update to software V18.104.22.168 or later version. Log into your Siemens Healthineers Document Library account to access the DCA Vantage 22.214.171.124 software. Alternatively, contact your local Siemens Healthineers support center for assistance.
WORKAROUNDS AND MITIGATIONS
Siemens Healthineers has identified the following specific workarounds and mitigations that customers can apply to reduce the risk:
- Restrict physical access to only authorized individuals to limit exposure.
- Utilize DCA Vantage Analyzer Restricted mode (or higher) to further secure the analyzer and prevent unauthorized access to the database export and restore feature.
- Securely store any database backup files.
GENERAL SECURITY RECOMMENDATIONS
In addition, Siemens Healthineers recommends the following:
- Ensure you have appropriate backups and system restoration procedures.
- Securely delete any backup files that are no longer needed.
- For specific patch and remediation guidance information, contact your local Siemens Healthineers customer service representative, support center, or https://www.siemens-healthineers.com/how-can-we-help-you
The DCA Vantage Analyzer is a multi-parameter, point-of-care analyzer for monitoring glycemic control in patients with diabetes and detecting early kidney disease.
The vulnerability classification has been performed by using the CVSS scoring system in version 3.1 (CVSS v3.1) (https://www.first.org/cvss). The CVSS environmental score is specific to the customer’s environment and will impact the overall CVSS score. The environmental score should therefore be individually defined by the customer to accomplish final scoring.
An additional classification has been performed using the CWE classification, a community-developed list of common software security weaknesses. This serves as a common language and as a baseline for weakness identification, mitigation, and prevention efforts. A detailed list of CWE classes can be found at: https://cwe.mitre.org/.
Affected devices use a hard-coded password to protect the onboard database. This could allow an attacker to open and/or modify the onboard database. Successful exploitation requires direct physical access to the device.
CVSS v3.1 Base Score 6.4
CVSS Vector CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L/E:F/RL:O/RC:C
CWE: CWE-259: Use of Hard-coded Password
Improper Access Control could allow an unauthenticated attacker to escape from the restricted environment (“kiosk mode”) and access the underlying operating system. Successful exploitation requires direct physical access to the system.
CVSS v3.1 Base Score 2.4
CVSS Vector CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:O/RC:C
CWE: CWE-269: Improper Privilege Management
Siemens Healthineers thanks the following parties from Forescout Technologies for their coordination efforts:
- Stanislav Dashevskyi
- Guillaume Dupont
- Sylvio Sorel
For further inquiries on security vulnerabilities in Siemens Healthineers products and solutions, please contact Siemens Healthineers :
V1.0 (2020-10-13): Publication Date
© Siemens Healthineers 2020