The Armis security firm has discovered nine severe vulnerabilities in the Pneumatic Tubing System (PTS). This system is used in more than 3,000 hospitals in the U.S. These newly discovered bugs were collectively labeled as PwnedPiper.

What happened?

TransLogic PTS connects numerous departments in hospitals and pipes allow for the movement of sensitive medical materials for nurses to use on patients.
  • After studying the vulnerabilities, researchers confirmed that it could lead to dangerous ransomware attacks and allow the attackers to leak or steal sensitive hospital information.
  • Nine vulnerabilities have been identified in the PTS control software-Nexus control panel. The exploitation of such bugs could allow hackers to take over TransLogic PTS.

About PwnedPiper 

The researchers have provided the full list of the PwnedPiper vulnerabilities in their recent report.

Conclusion

The exploitation of the PTS may lead to serious problems for large hospitals with tens of connected departments. Therefore, patching these vulnerabilities should be a priority for the hospitals to prevent critical consequences to their facilities and patients. The vendor has provided mitigation steps for hospitals to stay protected.
Cyware Publisher

Publisher

Cyware