Nine critical vulnerabilities have been found in some of SwissLog’s TransLogic Pneumatic Tube System (PTS), collectively known as PwnedPiper.
The tube system is an automated material transport solution for transporting medical items over long distances in medium and large hospitals. Objects such as blood, tissue, laboratory samples and medicines are just a few examples.
TransLogic PTS is used in more than 2,300 hospitals in North America.
The nine vulnerabilities discovered in the firmware of the Nexus Control Panel could be exploited by a remote hacker to gain full control of some TransLogic PTS stations connected to the internet thereby taking over the entire PTS network of a target hospital.
The discovery was made by researchers at security firm Armis.
For more information, read the original story in BleepingComputer.