Security researchers found 1,418 remotely exploitable flaws in CareFusion’s Pyxis SupplyStation medical dispensing system. 715 of those vulnerabilities in “automated supply cabinets used to dispense medical supplies” have a severity rating of high or critical.

The Pyxis SupplyStation system is a “secure storage device” for medical supplies that documents supply usage and interfaces with software to bill the patient. The vulnerabilities can be exploited remotely and exploits for targeting the flaws are publicly available, the ICS-CERT advisory notes. Wait, it gets “better” as it apparently would not require a l33t hacker to exploit the medical system. ICS-CERT noted, “An attacker with low skill would be able to exploit many of these vulnerabilities.”

To read this article in full or to leave a comment, please click here