Categories: PR.com

The Medical Imaging & Technology Alliance Offers Guidance on Mitigating FDA-Announced URGENT11 Vulnerabilities in Medical Imaging Devices

Rosslyn, VA, October 01, 2019 –(PR.com)– In response to the Food and Drug Administration’s (FDA) recent announcement about revelations of a suite of vulnerabilities known as “URGENT/11,” the Medical Imaging & Technology Alliance (MITA) today released a list of general recommendations for health delivery organizations (HDOs) to consider. Recognizing that the security of medical imaging is a shared responsibility, MITA is communicating this information to assist HDOs that may be concerned about the impact of the vulnerabilities on their systems.

The “URGENT/11” vulnerabilities reside in the TCP/IP stack (IPnet), a component of several Real-Time Operating Systems (RTOS), most notably in certain versions of VxWorks. The vulnerabilities are identified by the following CVE numbers:

CVE-2019-12255
CVE-2019-12256
CVE-2019-12257
CVE-2019-12258
CVE-2019-12259
CVE-2019-12260
CVE-2019-12261
CVE-2019-12262
CVE-2019-12263
CVE-2019-12264
CVE-2019-12265

MITA Recommendations for Healthcare Delivery Organizations

Contact your device manufacturer to obtain information about whether your device is impacted.

Ensure you follow the manufacturer’s process for making any changes and follow the appropriate backup and system restoration procedures.

Apply provided security updates to impacted devices as soon as they become available.

Ensure your networks are protected with appropriate mechanisms (e.g., firewalls, network segmentation, virtual private networks) and follow any recommended security guidelines provided by the manufacturer.

Additional Information

Vendor-specific security information is also available from many medical imaging manufacturers. Visit www.medicalimaging.org/urgent-11 to view the most up-to-date list of vendor-specific links. The list will continue to be updated as more information becomes available.

Baxter (https://www.baxter.com/product-security)

Canon Medical Systems USA (https://us.medical.canon/download/VXWorks)

Carestream (https://www.carestream.com/en/us/services-and-support/cybersecurity-and-privacy)

Dräger (https://static.draeger.com/security/download/2019-07-29-WindRiver-VxWorks-Security-Advisory.pdf)

GE Healthcare (https://www.gehealthcare.com/security)

Philips (https://www.usa.philips.com/healthcare/about/customer-support/product-security)

Siemens Healthineers (https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity)

FUJIFILM Sonosite (https://www.sonosite.com/support/cybersecurity-alert-urgent-11)

The Medical Imaging & Technology Alliance (MITA), a division of NEMA, is the collective voice of medical imaging equipment manufacturers, innovators, and product developers. It represents companies whose sales comprise more than 90 percent of the global market for advanced medical imaging technology. For more information, visit www.medicalimaging.org. Follow MITA on Twitter @MITAToday.­­­­­

IR Press

Share
Published by
IR Press

Recent Posts

OCC Announces Enforcement Actions for November 2024

WASHINGTON—The Office of the Comptroller of the Currency (OCC) today released enforcement actions taken against…

1 day ago

Remarks by Secretary of the Treasury Janet L. Yellen on the 30th Anniversary of the Community Development Financial Institution Fund

As Prepared for Delivery Good afternoon. It’s an honor to welcome President Clinton to Treasury today…

2 days ago

Treasury Sanctions Gazprombank and Takes Additional Steps to Curtail Russia’s Use of the International Financial System

Treasury imposes sanctions on dozens of Russian banks, securities registrars, and finance officials; OFAC issues…

2 days ago

Acting Comptroller Testifies on State of the Federal Banking System

WASHINGTON—Acting Comptroller Michael J. Hsu today testified on the state of the federal banking system…

2 days ago

Remarks by Assistant Secretary for International Finance Brent Neiman on the U.S. Cross-Border Payments Agenda

As Prepared for Delivery Thank you very much for the opportunity to be here today, and…

4 days ago