A number of Hillrom Welch Allyn cardiology products have been found to have a high-severity vulnerability that permits an attacker to access accounts without a password.
The vulnerability is an authentication bypass affecting Hillrom cardiology products that are configured to use single sign-on (SSO). It allows manual access to any Active Directory (AD) account provisioned in the application, and that access is granted without the account's password. A remote attacker could therefore access the application as the supplied AD account and acquire all privileges associated with that account.
The vulnerability is tracked as CVE-2021-43935 and has been assigned a CVSS v3 base score of 8.1 out of 10.
According to Hillrom, the vulnerability affects the following Hillrom Welch Allyn cardiology products:
- Welch Allyn Diagnostic Cardiology Suite: Version 2.1.0
- Welch Allyn Q-Stress Cardiac Stress Testing System: Versions 6.0.0 through 6.3.1
- Welch Allyn X-Scribe Cardiac Stress Testing System: Versions 5.01 through 6.3.1
- Welch Allyn Vision Express: Versions 6.1.0 through 6.4.0
- Welch Allyn R-Scribe Resting ECG System: Versions 5.01 through 7.0.0
- Welch Allyn H-Scribe Holter Analysis System: Versions 5.01 through 6.4.0
- Welch Allyn Connex Cardio: Versions 1.0.0 through 1.1.1
Hillrom plans to address the vulnerability in its next software release. Until then, to prevent exploitation, users of the affected products should disable the SSO feature in the relevant Modality Manager Configuration settings. Customers should also ensure that appropriate network and physical security controls are in place and that authentication is required for server access.
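The advisory does not say what causes the bypass internally, only that an SSO-configured deployment grants access to a provisioned AD account without its password. The following is an added, constructed model of that weakness class and of what a correct SSO login check must do; it is example code written for this page, not Hillrom or Welch Allyn code. The account directory, the HMAC-signed assertion format and the shared key are stand-ins for a real identity provider (Kerberos or SAML in an AD environment) and are assumptions of the example. The contrast also explains why disabling SSO removes the exposure: the hardened path derives identity only from a verified, unexpired assertion, never from a caller-supplied account name.

```python
"""Constructed model of an SSO authentication-bypass weakness and its fix.
Not Hillrom/Welch Allyn code: accounts, token format and key are assumed."""
import base64
import hashlib
import hmac
import json
import time

# Constructed stand-in for AD accounts provisioned inside the application.
PROVISIONED_AD_ACCOUNTS = {
    "clinician.jane": {"roles": ["read", "sign_reports"]},
    "admin.bob": {"roles": ["read", "sign_reports", "configure"]},
}

# Assumed secret shared with the identity provider; a real deployment would
# verify Kerberos tickets or SAML signatures instead of an HMAC.
IDP_KEY = b"constructed-demo-key"
SIG_LEN = hashlib.sha256().digest_size  # 32 bytes


def sso_login_vulnerable(claimed_username):
    """Weak pattern: identity taken directly from a caller-supplied value.
    Naming any provisioned account is enough to receive its privileges."""
    account = PROVISIONED_AD_ACCOUNTS.get(claimed_username)
    if account is None:
        return None
    return {"user": claimed_username, "roles": account["roles"]}


def issue_assertion(username, key=IDP_KEY, ttl=300, now=None):
    """Constructed identity-provider stand-in: returns a signed, expiring assertion."""
    now = time.time() if now is None else now
    payload = json.dumps({"sub": username, "exp": now + ttl}, sort_keys=True).encode()
    sig = hmac.new(key, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(payload + sig).decode()


def sso_login_hardened(assertion, key=IDP_KEY, now=None):
    """Correct pattern: identity comes only from an assertion whose signature
    verifies under the identity-provider key and whose expiry has not passed."""
    now = time.time() if now is None else now
    try:
        raw = base64.urlsafe_b64decode(assertion.encode())
    except ValueError:  # includes binascii.Error for malformed input
        return None
    if len(raw) <= SIG_LEN:
        return None
    payload, sig = raw[:-SIG_LEN], raw[-SIG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return None
    try:
        claims = json.loads(payload)
    except ValueError:
        return None
    if not isinstance(claims, dict) or claims.get("exp", 0) <= now:
        return None
    account = PROVISIONED_AD_ACCOUNTS.get(claims.get("sub"))
    if account is None:
        return None
    return {"user": claims["sub"], "roles": account["roles"]}


if __name__ == "__main__":
    # A bare account name is accepted by the weak path and rejected by the hardened one.
    print(sso_login_vulnerable("admin.bob"))
    print(sso_login_hardened("admin.bob"))
    # Only a genuine assertion from the identity provider logs in on the hardened path.
    print(sso_login_hardened(issue_assertion("admin.bob")))
```

The test-worthy property is the asymmetry: the same bare account name that fully authenticates on the weak path is rejected on the hardened path, and on the hardened path a forged (wrong key), expired or unprovisioned assertion is also rejected.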