Critical Flaws in Syringe Pump, Device Gateways Threaten Patient Safety

Your daily selection of the hottest trending tech news!

According to (This article and its images were originally posted on Threatpost August 30, 2018 at 09:34AM.)

Two previously undocumented, critical vulnerabilities in widely deployed medical devices have sparked patient-safety and data-privacy concerns.

Flaws in the Qualcomm Life Capsule Datacaptor Terminal Server and the Becton Dickinson (BD) Alaris TIVA Syringe Pump have been acknowledged by the vendors and publicly disclosed via ICS-CERT.

In the case of the Qualcomm Datacaptor, which was developed in partnership with Capsule Technologies, the hardware at issue is a terminal server – a small box that accepts serial connections from multiple devices and bridges them all to a standard network. It acts as a medical device gateway, connecting things like bedside monitors, respirators, anesthesia delivery systems and infusion pumps to the hospital network.

CyberMDx found the Datacaptor to be exposed to the so-called “Misfortune Cookie” (CVE-2014-9222), which is a threat vector that’s been around for four years.


  • Got any news, tips or want to contact us directly? Feel free to email us:

To see more posts like these; please subscribe to our newsletter. By entering a valid email, you’ll receive top trending reports delivered to your inbox.


This article and images were originally posted on [Threatpost] August 30, 2018 at 09:34AM. Credit to Author  and Threatpost | ESIST.T>G>S Recommended Articles Of The Day.


Donations are appreciated and go directly to supporting ESIST.Tech. Thank you in advance for helping us to continue to be a part of your online entertainment!





Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.