October 03, 2019

FDA Warns of "Urgent 11" Cybersecurity Vulnerabilities

On October 1, the FDA warned patients, providers, and manufacturers about cybersecurity vulnerabilities that may introduce risks for certain medical devices and hospital networks. The FDA identified 11 vulnerabilities that may allow a remote attacker to take control of medical devices, which may prevent the devices from functioning properly. These vulnerabilities exist in third party software that supports network communications between devices. The FDA recommended that providers advise patients who have medical devices that may be affected and educate patients who are using these medical devices to seek help right away if a malfunction or change occurs. While the FDA is not aware of any confirmed adverse events related to these vulnerabilities, software to exploit these vulnerabilities is already publicly available.