Yesterday the FDA issued an alert to medical device users and manufacturers about cybersecurity vulnerabilities in software components that could allow an unauthorized attacker to gain complete control of a host operating system. The affected components are the PTC Axeda agent (all versions) and Axeda Desktop Server (all versions for Windows), web-based remote-support technologies that let more than one person view and operate the same remote desktop over the Internet. Successful exploitation could give an attacker remote code execution, the ability to read and change configuration, read access to the file system, access to log information, and the ability to cause a denial-of-service condition. “Depending on its use in the medical device, these vulnerabilities could result in changes to the operation of the medical device and impact the availability of the remote support functionality,” FDA stated in the alert.
According to the Cybersecurity & Infrastructure Security Agency (CISA), no known public exploits currently target these vulnerabilities, which are fully described in the agency’s ICS advisory.
PTC is advising manufacturers to take several steps to mitigate the vulnerabilities: upgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent, configure unique passwords, and do not use ERemoteServer in production. The full list of its recommendations is available in FDA’s alert on the agency’s website.
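As an added check, not code from PTC, FDA or the article, the following Python script triages an inventory of installed Axeda agent versions against the two fixed builds named above. The version-string format, the hostnames and the inventory are constructed for illustration; anything newer than 6.9.3, or a record with no build number, is flagged for manual review rather than assumed fixed, because the page names no fixed build for those cases.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Fixed builds named in PTC's advice as quoted on this page: an agent on the
# 6.9.2 branch needs build 1049 or later, one on 6.9.3 needs build 1051 or later.
FIXED_BUILDS = {(6, 9, 2): 1049, (6, 9, 3): 1051}

# Assumed inventory format: "major.minor.patch" optionally followed by "build NNNN".
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)\s*(?:build\s*(\d+))?\s*$", re.IGNORECASE)


@dataclass(frozen=True)
class AgentVersion:
    major: int
    minor: int
    patch: int
    build: Optional[int]  # None when the inventory record carries no build number


def parse_version(text: str) -> AgentVersion:
    """Parse an Axeda agent version string from the (assumed) inventory format."""
    m = VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised Axeda version string: {text!r}")
    major, minor, patch, build = m.groups()
    return AgentVersion(int(major), int(minor), int(patch), int(build) if build else None)


def assess(version_text: str) -> str:
    """Return 'vulnerable', 'fixed' or 'review' for one installed agent.

    'review' means the page gives no fixed build for that case (a branch newer
    than 6.9.3, or a record missing its build number), so a person must check
    PTC's advisory rather than trusting this script.
    """
    v = parse_version(version_text)
    branch = (v.major, v.minor, v.patch)
    if branch < (6, 9, 2):
        return "vulnerable"  # older branch with no fixed build: must upgrade
    if branch in FIXED_BUILDS:
        if v.build is None:
            return "review"  # cannot compare against the fixed build without a build number
        return "fixed" if v.build >= FIXED_BUILDS[branch] else "vulnerable"
    return "review"  # newer than anything the advice on this page names


def triage(inventory):
    """inventory: iterable of (hostname, version string). Returns {hostname: verdict}."""
    return {host: assess(ver) for host, ver in inventory}


# Constructed sample inventory (hypothetical hosts), one record per remote-support host.
SAMPLE_INVENTORY = [
    ("infusion-gw-01", "6.9.2 build 1049"),
    ("infusion-gw-02", "6.9.2 build 1048"),
    ("imaging-gw-01", "6.9.3 build 1051"),
    ("imaging-gw-02", "6.9.3 build 1050"),
    ("legacy-gw-01", "6.8.1 build 2043"),
    ("lab-gw-01", "6.9.3"),
    ("lab-gw-02", "6.10.0 build 1100"),
]

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_INVENTORY).items():
        print(f"{host:16} {verdict}")
```

The script covers only the Axeda agent; the page gives no fixed version for Axeda Desktop Server, so any Windows host running it has to be handled by the other mitigations (unique passwords, no ERemoteServer in production) and by checking PTC's full recommendations directly.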