A set of flaws recently discovered in PTC's Axeda platform has a massive impact on healthcare and IoT devices, since most of them are inadequately secured within hospital networks.
Researchers named the seven critical flaws in Axeda "Access:7". The flaws reside in PTC's Axeda agent, which operators use for remote access and management of over 150 connected devices across approximately a hundred vendors.
Some experts rated three of the seven flaws as critical, since they scored around 9.4 on CVSS. They indicated that malicious actors could exploit the vulnerabilities for remote code execution (RCE) on devices running an outdated Axeda agent.
Although Axeda has become obsolete and been replaced by ThingWorx, it is still used on a few thousand unique devices in some sectors.
Experts also noted that even the less critical flaws can still significantly impact medical devices. These problems should therefore be addressed quickly by the responsible authorities.
An attacker who gained read access by exploiting CVE-2022-25249 could steal protected health information (PHI) or diagnostics, which could then be sold or traded to other entities. Meanwhile, CVE-2022-25250 could shut down an entire healthcare platform, resulting in a loss of remote service.
The third critical vulnerability, CVE-2022-25246, could allow threat actors to leverage the VNC connection to alter and tamper with any medical information. Hackers could push this further by inserting malicious code to establish persistence on the network.
Experts warned healthcare institutions about the malware distribution strategies threat actors could use to exploit the flaws in Axeda.
According to experts, threat actors could use numerous attack vectors to gain the initial access needed to abuse Axeda's critical flaws.
Furthermore, attackers can infiltrate the internal operational network by joining the Wi-Fi network as a guest. Because various network sockets and connected devices are accessible, attackers can take advantage of them.
Another infection strategy is phishing, in which threat actors bait medical staff into giving up initial access.
Defending against Access:7 means immediately patching devices that run vulnerable versions of the Axeda agent. Fortunately, PTC has released official fixes and new versions. Device manufacturers should also provide their own separate updates to customers.