Massive security vulnerability could affect medical devices, ATMs, and industrial devices

Researchers at the cybersecurity firms Forescout’s Vedere Labs and CyberMDX (acquired by Forescout) have discovered seven vulnerabilities in PTC’s Axeda platform that they are collectively calling Access:7. Axeda is a cloud platform that allows people to remotely access and manage their deployed IoT devices. IoT OEMs (original equipment manufacturers) typically install Axeda on their devices before selling them to customers.
The researchers found that Axeda is most popular for managing medical equipment, but it is also being used to manage ATMs, vending machines, asset monitoring and tracking solutions and even manufacturing machinery like industrial cutters.

Three out of the seven vulnerabilities were rated as critical by a Certified Information Systems Auditor (CISA) because they can be used by attackers to execute malicious code, take full control, access sensitive data and alter the configuration of devices.
CyberMDX has already compiled a list of more than 100 vendors and 150 device models that use Axeda and could be affected by these vulnerabilities. Vedere Labs, meanwhile, used anonymised customer data from its Global Cyber Intelligence Dashboard and identified over 2,000 unique customer devices running Axeda on the network. Based on the analysis of the data, they came up with the following insights about the affected devices:
This graph shows the distribution of vendors in Forescout’s device pool that use Axeda. Most of the vendors using the platform work in either the healthcare industry or IoT solutions space. (Image credit: Forescout)
Even from a device perspective, more than half the devices in Forescout’s pool running Axeda are healthcare devices. (Image credit: Forescout)
Here, you can see a break-up of the healthcare devices that use Axeda. The platform was found to be most popular in imaging and lab devices. (Image credit: Forescout)
Forescout recommends that IoT network operators identify and inventory devices running the platform, enforce segmentation control and network hygiene and constantly monitor updates released by OEMs that could patch these vulnerabilities in the future.
