December 5, 2023

Researches disclosed vulnerabilities known as “PwnedPiper” that left a widely-used pneumatic tube system vulnerable to critical attacks, including a possibility of complete takeover worldwide.

These vulnerabilities can enable an unauthenticated attacker to take over Translogic PTS stations and essentially gain complete control over the PTS network of a target hospital. This type of control could enable sophisticated and worrisome ransomware attacks, as well as allow attackers to leak sensitive hospital information.

Pneumatic tube systems are internal logistics and transport solutions that are used to transport blood samples in hospital settings to diagnostic laboratories securely.

PwnedPiper PTS Security Flaws Threaten 80% of Hospitals in the U.S.

Successful exploitation of the issues, therefore, could result in leakage of sensitive information, enable an adversary to manipulate data, and even compromise the PTS network to carry out a MitM attack and deploy ransomware, thereby effectively halting the operations of the hospital.

The details about the nine PwndPiper vulnerabilities are listed as follows –

  • CVE-2021-37161 – Underflow in udpRXThread
  • CVE-2021-37162 – Overflow in sccProcessMsg
  • CVE-2021-37163 – Two hardcoded passwords accessible through the Telnet server
  • CVE-2021-37164 – Off-by-three stack overflow in tcpTxThread
  • CVE-2021-37165 – Overflow in hmiProcessMsg
  • CVE-2021-37166 – GUI socket Denial Of Service
  • CVE-2021-37167 – User script run by root can be used for PE
  • CVE-2021-37160 – Unauthenticated, unencrypted, unsigned firmware upgrade

These flaws which concern privilege escalation, memory corruption, and DOS could be abused to gain root access, achieve RCE or DoS attacks, permit an attacker to maintain persistence on compromised PTS stations via an insecure firmware upgrade procedure, leading to unauthenticated RCE.

Translogic PTS system customers are highly recommended to update to the latest firmware to mitigate any potential risk that may arise out of real-world exploitation of the shortcomings.

Understanding that patient care depends not only on medical devices, but also on the operational infrastructure of a hospital is an important milestone to securing healthcare environments.

3 thoughts on “PwnedPiper Threatens PTS

  1. A fascinating discussion is worth comment. There’s no doubt that that you should publish more on this topic, it may not be a taboo subject but usually folks don’t talk about such topics. To the next! Many thanks!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.