Franklin Lakes, New Jersey-based BD recently identified eight vulnerabilities. These vulnerabilities are associated with the BD Alaris system with Guardrails Suite MX, versions 12.1.3 and earlier.
The company discovered the vulnerabilities through routine internal security testing as part of its software development life cycle. This includes vulnerability scanning, code analysis, threat modeling and penetration testing. BD received no reports of exploitation of these vulnerabilities in any customer environment or clinical setting. Additionally, the company cites no impact on patient health information or personally identifiable information.
BD said it assessed the clinical risk and patient safety impact of all the vulnerabilities. For all eight, the existing product control measures proved to effectively reduce the probability of harm.
If exploded, two of the vulnerabilities pose no impact on patient safety, while six present remote or improbable potential impact. The potential for harm can only occur upon the exploitation of the vulnerability, BD said.
Get the full story at our sister site, Drug Delivery Business News.