Hillrom Welch Allyn Cardio Products Authentication Bypass Vulnerability

Summary

There is an improper authentication vulnerability in Hillrom Welch Allyn cardiology products when those products are configured to use single sign-on (SSO).


Affected platforms

The following Hillrom cardiology products are known to be affected when configured to use single sign-on (SSO):

  • Welch Allyn Q-Stress Cardiac Stress Testing System - Versions: 6.0.0 through 6.3.1
  • Welch Allyn X-Scribe Cardiac Stress Testing System - Versions: 5.01 through 6.3.1
  • Welch Allyn Diagnostic Cardiology Suite - Version: 2.1.0
  • Welch Allyn Vision Express - Versions: 6.1.0 through 6.4.0
  • Welch Allyn H-Scribe Holter Analysis System - Versions: 5.01 through 6.4.0
  • Welch Allyn R-Scribe Resting ECG System - Versions: 5.01 through 7.0.0
  • Welch Allyn Connex Cardio - Versions: 1.0.0 through 1.1.1

Threat details

Introduction

Hillrom has reported an improper authentication vulnerability in some of its Welch Allyn cardiology products when those products are configured to use single sign-on (SSO). When SSO is enabled, the application accepts manual entry of any Active Directory (AD) account provisioned in the application without requiring a password, giving the user access to the application as the supplied AD account, with all of that account's privileges.

An attacker could exploit this vulnerability to gain access to privileged accounts and take control of a system.
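The following is an added illustration of the flaw class described above, not code from Hillrom or from any Welch Allyn product. It models a login routine with two paths: a flawed SSO path that treats the presence of a typed account name in the provisioned AD directory as proof of identity, and a hardened path that grants SSO access only on a verified assertion from the identity provider, and that must match the account being logged into. The account names, password hashes, the HMAC-based assertion format and the shared key are all constructed for the example; a real deployment would delegate these checks to AD, Kerberos or a SAML/OIDC provider rather than implement them itself.

```python
"""Illustration (not Hillrom code) of an SSO login path that trusts a typed
account name instead of an identity assertion, beside a hardened version.
All account data, keys and the token format below are constructed."""
import hashlib
import hmac
from dataclasses import dataclass


def _hash(password: str, salt: str) -> str:
    """Salted SHA-256, used only to keep the example self-contained."""
    return hashlib.sha256((salt + password).encode()).hexdigest()


# Constructed directory of AD accounts provisioned in the application:
# account name -> (salt, password hash, application role).
PROVISIONED = {
    "CORP\\clinician1": ("s1", _hash("Pass-1", "s1"), "user"),
    "CORP\\svc_admin": ("s2", _hash("Pass-2", "s2"), "admin"),
}

# Constructed shared secret between the application and its SSO provider.
SSO_KEY = b"example-sso-key"


def issue_sso_assertion(account: str, key: bytes = SSO_KEY) -> str:
    """Stand-in for the identity provider: returns 'account|mac'."""
    mac = hmac.new(key, account.encode(), hashlib.sha256).hexdigest()
    return f"{account}|{mac}"


@dataclass
class Config:
    """Hypothetical application setting mirroring the advisory's workaround
    (disable SSO in the configuration)."""
    sso_enabled: bool = True


def _password_ok(entry, password) -> bool:
    salt, stored_hash, _ = entry
    return password is not None and hmac.compare_digest(
        _hash(password, salt), stored_hash)


def login_flawed(cfg: Config, username: str, password=None, assertion=None):
    """Vulnerable pattern: with SSO on, any provisioned account name is
    accepted with no password and no provider assertion. Returns the role
    granted, or None."""
    entry = PROVISIONED.get(username)
    if entry is None:
        return None
    if cfg.sso_enabled:
        # BUG: being provisioned in the directory is treated as proof of identity.
        return entry[2]
    return entry[2] if _password_ok(entry, password) else None


def login_fixed(cfg: Config, username: str, password=None, assertion=None):
    """Hardened pattern: SSO grants access only on a verified provider
    assertion whose subject equals the account being logged into; otherwise
    a password is required. Returns the role granted, or None."""
    entry = PROVISIONED.get(username)
    if entry is None:
        return None
    if cfg.sso_enabled and assertion is not None:
        subject, _, mac = assertion.rpartition("|")
        expected = hmac.new(SSO_KEY, subject.encode(), hashlib.sha256).hexdigest()
        if subject == username and hmac.compare_digest(mac, expected):
            return entry[2]
        return None  # forged, tampered or mismatched assertion
    # Password path: SSO disabled, or no assertion presented.
    return entry[2] if _password_ok(entry, password) else None
```

Note that disabling SSO in `Config` closes the hole in `login_flawed` because the only remaining path checks a password, which is exactly why the vendor's interim workaround is effective; the lasting fix is the `login_fixed` behaviour, where the SSO path never grants access on a bare account name.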


Remediation advice

Affected organisations should review the Hillrom Responsible Disclosures for more information.

Hillrom plans to release software updates to address this vulnerability in its next software release. In the interim, Hillrom recommends the following workaround to reduce the risk:

  • Disable the SSO feature in the respective Modality Manager Configuration settings. Please refer to the instructions for use (IFU) and/or service manual for instructions on how to disable SSO.

Last edited: 10 December 2021 3:55 pm