Certain SpaceLabs Healthcare telemetry receivers are at risk of cyberattack by a program as virulent as the WannaCry malware attacks of 2017, according to the U.S. Department of Homeland Security.
The SpaceLabs Xhibit telemetry receiver (XTR), model number 96280, v1.0.2, and all versions of a former SpaceLabs product, Arkon, may be affected by the BlueKeep vulnerability, the agency said. The vulnerability exists within the Remote Desktop Protocol (RDP) used by the following Microsoft Windows operating systems:
- Windows 2000.
- Windows Vista.
- Windows XP.
- Windows 7.
- Windows Server 2003.
- Windows Server 2003 R2.
- Windows Server 2008.
- Windows Server 2008 R2.
According to Microsoft, an attacker can send specially crafted packets to operating systems with RDP enabled. The attacker could then perform a number of actions, including adding accounts with full user rights; viewing, changing, or deleting data; or installing programs. This exploit, which requires no user interaction, must occur before authentication to be successful. Microsoft discovered the problem and alerted SpaceLabs, which notified federal officials.
BlueKeep is considered “worm-able” because malware that exploits this vulnerability on a system could spread to other vulnerable systems — thus a BlueKeep exploit could rapidly spread like the WannaCry virus.
SpaceLabs recommends that XTR users update to the newest software release, according to Homeland Security. The company also offered an alternate fix for products or systems that are obsolete or unable to be patched.
The company did not immediately respond to a request for comment.