Daniel Dos Santos, Head of Security Research, Vedere Labs; Elad Luz, Head of Research, CyberMDX
Forescout’s Vedere Labs and CyberMDX today announced the disclosure of “Access:7”: seven supply chain vulnerabilities found in PTC’s Axeda remote code and management platform outlined in CISA ICS Advisory ICSA-22-067-01.
Three of the vulnerabilities have been rated critical, and successful exploitation could result in full system access, remote code execution, read/change configuration, file system read access, log information access and a denial-of-service condition.
More than 150 device models across more than 100 device manufacturers are potentially affected by these vulnerabilities with the healthcare sector seeing the highest potential impact, followed by financial services and manufacturing. Devices using the impacted Axeda agent include surgical, ventilation and radiotherapy equipment along with several medical imaging and laboratory devices.
Tune in to understand:
• What makes supply chain components so vulnerable and how to increase your awareness
• How Access:7 impacts the healthcare industry as well as financial services and manufacturing organization
• Immediate actions device manufacturers and network administrators should take to mitigate your risk
Daniel Dos Santos, Head of Security Research, Vedere Labs
Elad Luz, Head of Research, CyberMDX, a Forescout Company