Maximizing Healthcare Security with NDR: Best Practices and Buying Tips

Discover how this new NDR technology can help secure your network

Threat Intelligence: Bad Neighbor

CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability
Cynerio
Oct 14, 2020
Threat Intelligence

Microsoft announced a critical vulnerability in the Windows IPv6 stack 

Microsoft announced a critical vulnerability (CVE-2020-16898) on October 13, 2020 with a CVSS score of 9.8. The vulnerability is located within an ICMPv6 Neighbor Discovery “Protocol”, and uses the Router Advertisement type in the Windows IPv6 stack. 

The vulnerability allows an attacker to send maliciously-crafted packets to potentially execute arbitrary code on a remote system. It results in an immediate BSOD (Blue Screen of Death), but more so, indicates the likelihood of exploitation for those who can manage to bypass Windows 10 and Windows Server 2019 mitigations.

Devices affected

Windows 10  is used in many critical medical devices provided by a multitude of vendors (e.g. GE, Carestream, Siemens, Becton Dickinson, Zeiss, Hyland, Philips, Pie Medical, Hologic, MES, FujiFilm, Nipro), including myriad radiology and laboratory devices running various versions of the operating system, such as:

  • MRI
  • CT
  • Ultrasound devices
  • Medicine dispensers
  • OCT machines
  • DICOM Workstation
  • Specimen Radiography System
  • Hemodialysis
  • X-Ray

Many device manufacturers are still working to identify which device models are affected. 

What does this mean for healthcare facilities?

Threat actors exploiting the Bad Neighbor vulnerability could use remote code execution to gain control of systems and devices across large-scale healthcare environments. The impact to healthcare facilities could be significant, as this type of bug could be made wormable.

Cynerio’s Research Team is closely monitoring the development of this vulnerability and maintains close contact with relevant vendors for available patches and updates. Alerts will be sent out immediately whenever a vulnerable or infected device is identified.

What can you do until patches are made available?

Map the critical devices on your network running Windows 10 and harden your network with North-South and East-West segmentation. For your convenience, we’ve put together a few handy guides and use cases on Network Segmentation here

In support of CISA's National Cyber Awareness Month, Cynerio is offering healthcare facilities in North America  a free risk assessment until October 31.

Contact us today to get your free risk assessment.


read next

Threat Intel: Johnson Controls International (JCI) Hit by Ransomware Attack

Vicki Michaeli
Sep 29, 2023

Threat Intel: Log4j - Critical Zero Day Vulnerability

Cynerio
Dec 13, 2021
Go Back to Blog

Keep your finger on the pulse of Healthcare IoT security

Get Your Free Pass to HIMSS21

August 9 -13, Las Vegas

HOW? Easy! If you are a Healthcare IT Executive and you book a 30-minute call with us before July 30th, you get a free pass (valued at $1295)

Book a Call

*Please note that there is limited pass availability

Product
Healthcare Cybersecurity PlatformPatient Data SecurityNetwork Detection + ResponseComplete Asset VisibilityMedical Device SecurityCynerioLive
Resources
BlogDatasheetsWhite PapersUse CasesPartnershipsInfographicsMediaVideosWebinars
Company
About UsLeadershipPress ReleasesCareersContact Us
Partners
ResellersDistributorsTechnology & Alliance PartnersMSSPReferral Partners
Follow us
Facebook
LinkedIn
X
© Copyrights Cynerio 2024
Privacy Policy
SOC 2 Badge
The Standards of Institution of Israel Badge