CyberMDX’s Vulnerability Research and HTM Analysis team regularly works with medical device organizations in the responsible disclosure of security vulnerabilities. The threat intelligence team works tirelessly to help protect hospitals and healthcare organizations from malicious attacks.
The team’s researchers, white hat hackers, and engineers collect information about possible attack paths to understand attacker motives, means, and methods in an effort to deliver the best protection possible.


Device Details Discovered

Dell Wyse Thin Client Vulnerability Disclosure

The two vulnerabilities affect Dell Wyse Thin client devices running ThinOS 8.6 and earlier, and once exploited allow attackers to, among other things, remotely run malicious code and access arbitrary files on affected devices...

December 21, 2020


GE Radiology Modalities Vulnerability Disclosure

Our solution detected that GE radiology modalities were being remotely maintained and updated in an unsecured way. A further inspection by our research and analyst teams has found that the devices can be exploited by unauthorized actors....

December 8, 2020


JSOF Discovers "Ripple20" Vulnerabilities, CyberMDX Assists

JSOF has discovered 19 vulnerabilities in Treck's TCP/IP stack. If exploited, these vulnerabilities can result in Exposure of Sensitive Information, Remote Code Execution, Out-of-Bounds Write, Denial of Service, and other instances of serious compromise...

September 26, 2019


MDhex (CIC Pro & Other GE Medical Devices)

CyberMDX discovered a bundle of six vulnerabilities affecting a range of GE Health products. If exploited, these vulnerabilities could result in remote device access & control, as well as  file write & upload...

September 18, 2019


GE Aestiva and Aespire Devices

CyberMDX discovered that GE Aestiva devices and certain models of the GE Aespire anesthesia machine may be subject to unauthorized network communications and commands resulting from a protocol reversion vulnerability.  Among other things, this vulnerability can be exploited to alter gas composition inputs...

October 29, 2018


BD AlarisTM Gateway Workstation (firmware vulnerability)

The CyberMDX Research team discovered that the BD AlarisTM Gateway Workstation's firmware is vulnerable to malicious exploitation whereby an upgrade can be executed without any predicate permissions and allow bad actors a route to "authenticate" malicious content...

October 28, 2018


BD AlarisTM Gateway Workstation (web management vulnerability)

The CyberMDX Research team discovered that the BD AlarisTM Gateway Workstation's web management system is vulnerable to malicious exploitation. Due to a lack of password protection, anyone knowing the IP address of a targeted workstation could...

October 28, 2018


BD AlarisTM TIVA Syringe Pump

The CyberMDX Research team discovered that if a malicious attacker can gain access to a hospital’s network and if the AlarisTM TIVA syringe pump is connected to a terminal server, the attacker can perform hacks without any prior knowledge of IP addresses or the pump's location...

May 8, 2018


Qualcomm Life Capsule Datacaptor Terminal Server

The CyberMDX Research team discovered that Qualcomm Life Capsule's Datacaptor Terminal Server is vulnerable to “misfortune cookie” — CVE-2014-9222, allowing remote arbitrary memory write...

May 8, 2018