[German]Security vendor Forescout has found no less than seven vulnerabilities in the PTC Axeda agent during an investigation. This software is used in medical and IoT devices, which means that the vulnerabilities grouped under the name Access:7 have an impact on the security of such devices. Here is a brief overview of the facts.
Advertising
The PTC Axeda Agent
The Axeda Agent solution allows device manufacturers to remotely access and manage connected devices. The affected agent is most common in healthcare, but also occurs in other industries such as financial services and manufacturing. A detailed list of more than 150 potentially affected devices from more than 100 vendors illustrates the significance of the vulnerabilities. The list includes several medical imaging and laboratory devices. But Dell Policy Manager 6.6 ESRS is also listed as "unconfirmed."
The Access:7 vulnerabilities
Forescout's Vedere Labs, in collaboration with CyberMDX, discovered as many as seven new vulnerabilities affecting PTC's Axeda agent. Catalin Cimpanu points out the vulnerabilities, known as Access:7, in the following tweet.
Three of the vulnerabilities were deemed critical by CISA because they could allow hackers to remotely execute malicious code and take complete control of devices, access sensitive data or change configurations in affected devices. Forescout has published the details of the vulnerabilities in this post.
Problem with the whole thing: IoT devices and medical devices use a wide range of operating systems, hardware and software. Usually, manufacturers do not allow their customers to install software, including security agents, on their devices. In the case of Access:7, PTC relies on device manufacturers to install the Axeda agent before their devices are sold to customers, which is commonly referred to as an original equipment manufacturer (OEM) approach. Administrators can only minimize the risk by ensuring that these devices are not remotely accessible via the Internet or are appropriately secured.
Advertising
