Critical Access:7 Vulnerabilities Impact ATMs, Medical, IoT devices
As many as seven security vulnerabilities have been disclosed in PTC’s Axeda software that could be weaponized to gain unauthorized access to medical and IoT devices. They are referred to as the “Access:7” vulnerabilities.
Brief Explanation of the Access:7 Vulnerabilities
Three of the vulnerabilities, collectively referred to as “Access:7,” are classified as Critical in severity and could possibly affect more than 150 device models made by more than 100 different makers. This poses a serious supply chain risk.
The Axeda solution from PTC features a cloud platform that enables device manufacturers to establish connectivity for remote monitoring, management, and servicing of a variety of connected machines, sensors, and devices. This is done through a component known as the agent, which OEMs install before the devices are sold to customers.
Researchers from Forescout and CyberMDX said in a joint report released today that Access:7 “could enable hackers to remotely execute malicious code, access sensitive data, or alter configuration on medical and IoT devices running PTC’s Axeda remote code and management agent.”
The healthcare industry accounts for 55% of the 100 impacted device vendors, followed by the IoT (24%), IT (8%), financial services (5%), and manufacturing (4%) sectors. At least 54% of users of Axeda-powered products have been located in the medical field.
In addition to medical imaging and laboratory equipment, susceptible devices range from barcode scanning systems, SCADA systems, asset monitoring and tracking solutions, IoT gateways, and industrial cutters to ATMs, vending machines, cash management systems, and label printers.
A list of Access:7 Vulnerabilities
- CVE-2022-25246 (CVSS score: 9.8) – The use of hard-coded credentials in the AxedaDesktopServer.exe service that could enable remote takeover of a device
- CVE-2022-25247 (CVSS score: 9.8) – A vulnerability in ERemoteServer.exe that could be leveraged to send specially crafted commands to obtain remote code execution (RCE) and full file system access
- CVE-2022-25251 (CVSS score: 9.8) – Missing authentication in the Axeda xGate.exe agent that could be used to modify the agent’s configuration
- CVE-2022-25249 (CVSS score: 7.5) – A directory traversal flaw in the Axeda xGate.exe agent which could allow a remote unauthenticated attacker to obtain file system read access on the web server
- CVE-2022-25250 (CVSS score: 7.5) – A denial-of-service (DoS) flaw in the Axeda xGate.exe agent by injecting an undocumented command
- CVE-2022-25252 (CVSS score: 7.5) – A buffer overflow vulnerability in the Axeda xBase39.dll component that could result in a denial-of-service (DoS)
- CVE-2022-25248 (CVSS score: 5.3) – An information disclosure flaw in the ERemoteServer.exe service that exposes the live event text log to unauthenticated parties
Potential Risks of the Access:7 Vulnerabilities
Forescout detected over 2,000 vulnerable systems, and the report claims that the flaws were found in hundreds of thousands of devices. Access:7 enables an attacker to steal information from sensitive devices, especially medical equipment, with the potential to tamper with test results.
Additionally, attackers can disable important devices and equipment, or at the very least make them inaccessible. Daniel dos Santos, the director of security research at Forescout, revealed that they could also completely take control of the devices.
If the flaws are successfully exploited, attackers may be given the ability to remotely run malicious code to control a device completely, access confidential information, change configurations, and disable particular services in the affected device.
The flaws, which affect all versions of the Axeda Agent prior to 6.9.3, were reported to PTC on August 10, 2021 as part of a coordinated disclosure process that involved the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Health Information Sharing and Analysis Center (H-ISAC), and the Food and Drug Administration (FDA).
Ways to Prevent the Access:7 Vulnerabilities
To mitigate the flaws and prevent possible exploitation, users are recommended to upgrade to Axeda agent version 6.9.1 build 1046, 6.9.2 build 1049, or 6.9.3 build 1051.
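The following added example (not code from the researchers' report or from PTC) shows one way to triage an asset inventory against the fixed builds and the CVE list above. The inventory format, host names and version strings are constructed, and treating higher builds or branches newer than 6.9.3 as fixed is an assumption.

```python
import re

# Fixed builds named in the article, keyed by release branch.
FIXED_BUILDS = {(6, 9, 1): 1046, (6, 9, 2): 1049, (6, 9, 3): 1051}

# Component -> (CVE, CVSS) pairs, taken from the article's CVE list.
COMPONENT_CVES = {
    "AxedaDesktopServer.exe": [("CVE-2022-25246", 9.8)],
    "ERemoteServer.exe": [("CVE-2022-25247", 9.8), ("CVE-2022-25248", 5.3)],
    "xGate.exe": [("CVE-2022-25251", 9.8), ("CVE-2022-25249", 7.5), ("CVE-2022-25250", 7.5)],
    "xBase39.dll": [("CVE-2022-25252", 7.5)],
}

def is_patched(version):
    """True only if the string names a fixed build; unparseable values fail closed."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)(?:\s+build\s+(\d+))?\s*", version, re.I)
    if not m:
        return False
    branch = tuple(int(x) for x in m.group(1, 2, 3))
    build = int(m.group(4)) if m.group(4) else None
    if branch in FIXED_BUILDS:
        # Assumption: a higher build on the same branch also carries the fix.
        return build is not None and build >= FIXED_BUILDS[branch]
    # Assumption: branches newer than 6.9.3 carry the fixes; older ones do not.
    return branch > max(FIXED_BUILDS)

def triage(inventory):
    """Return unpatched assets with their applicable CVEs, highest CVSS first."""
    findings = []
    for asset in inventory:
        if is_patched(asset["agent_version"]):
            continue
        cves = sorted((c for comp in asset["components"] for c in COMPONENT_CVES.get(comp, [])),
                      key=lambda c: (-c[1], c[0]))
        if cves:
            findings.append({"host": asset["host"], "max_cvss": cves[0][1],
                             "cves": [c[0] for c in cves]})
    return sorted(findings, key=lambda f: (-f["max_cvss"], f["host"]))

# Constructed sample inventory (host names, versions and field names are made up).
SAMPLE = [
    {"host": "ct-scanner-01", "agent_version": "6.8.3 build 901", "components": ["xGate.exe", "ERemoteServer.exe"]},
    {"host": "lab-analyzer-02", "agent_version": "6.9.2 build 1049", "components": ["xGate.exe"]},
    {"host": "atm-gw-03", "agent_version": "6.9.1 build 1040", "components": ["xBase39.dll"]},
    {"host": "kiosk-04", "agent_version": "unknown", "components": ["AxedaDesktopServer.exe"]},
]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f["host"], f["max_cvss"], ", ".join(f["cves"]))
```

Assets with an unknown or unparseable version are reported rather than skipped, so gaps in the inventory surface as findings.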
This is not the first time critical security vulnerabilities primarily targeting healthcare systems have come to light. In December 2020, CyberMDX disclosed “MDhex-Ray,” a severe flaw in GE Healthcare’s CT, X-Ray, and MRI imaging products that could result in the exposure of protected health information.
According to the researchers, Access:7 has an impact on a solution provided to device makers who did not create their own internal remote servicing system. Since many downstream makers and devices are affected, it is a supply chain vulnerability.