Cisco Blogs
Share

Vulnerability Spotlight: Natus NeuroWorks Multiple Vulnerabilities


April 4, 2018 - 0 Comments

Vulnerabilities discovered by Cory Duplantis from Talos

Overview

Talos has discovered multiple vulnerabilities in Natus NeuroWorks software. This software is used in the Natus Xltek EEG medical products from Natus Medical Inc. The vulnerable devices contain an ethernet connection for data acquisition and connection to networks.

We identified a number of vulnerabilities falling into two classes:

  • Four code execution vulnerabilities
  • One denial of service vulnerability.

The first category allows code execution on the medical device through a specially crafted network packet. The second category can cause the vulnerable service to crash. The vulnerabilities can be triggered remotely without authentication.

Read_more>>

Tags:

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.