Certain BD Pyxis medication and supply management products that connect to Wi-Fi have cybersecurity vulnerabilities that open them up to a key reinstallation attack (KRACK) in which an attacker could access, read, and manipulate encrypted data, warned an April 24 advisory from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).
The vulnerability affects the WPA and WPA2 Wi-Fi protocols used to exchange data traffic between the equipment and the network. Mathy Vanhoef of imec-DistriNet, KU Leuven, discovered the vulnerability and KRACK exploit.
“The four-way handshake traffic in the Wi-Fi Protected Access WPA and WPA2 protocol can be manipulated to allow nonce reuse resulting in key reinstallation. This could allow an attacker to execute a ‘man-in-the-middle’ attack, enabling the attacker within radio range to replay, decrypt, or spoof frames,” the advisory explained.
BD told the National Cybersecurity and Communications Integration Center (NCCIC) that the Wi-Fi protocol vulnerability affects the following BD Pyxis products: Anesthesia ES, Anesthesia System 4000, Anesthesia System 3500, MedStation 4000 T2, MedStation ES, SupplyStation, Supply Roller, ParAssist System, PARx, CIISafe-Workstation, StockStation System, and Parx handheld device.
The advisory noted that BD has implemented third-party vendor patches through its patch deployment process that resolve the vulnerability for most devices. Updates for some devices require coordination with BD, so the company is in the process of contacting users to schedule and deploy patches.
There is currently no verified instance of the KRACK vulnerability being exploited against BD devices, ICS-CERT noted.
In a product security bulletin, Franklin Lakes, New Jersey-based BD stressed that this vulnerability is not specific to its products, but affects any Wi-Fi devices using the WPA2 protocol. The company said that an attacker would have to be near the equipment to exploit the vulnerability.
“KRACK can be exploited from an adjacent network; however, the attack complexity is high, as it requires proximity to an affected Wi-Fi access point and significant technical skills. No privileges or user interaction are required to exploit this vulnerability,” BD said.
The company recommends that users implement the following controls to reduce the risk posed by the vulnerability:
• Ensure the latest updates for Wi-Fi access points have been implemented in Wi-Fi-enabled networks
• Ensure appropriate physical controls are in place to prevent attackers from getting within physical range of an affected Wi-Fi access point and client
• Ensure data has been backed up and stored according to individual processes and disaster recovery procedures
The NCCIC advises organizations to perform impact analysis and risk assessment prior to deploying defensive measures.
In a research paper, Vanhoef and fellow researcher Frank Piessens described the vulnerability in more detail.
“All protected Wi-Fi networks use the 4-way handshake to generate a fresh session key. So far, this 14-year-old handshake has remained free from attacks, and is even proven secure. However, we show the 4-way handshake is vulnerable to a key reinstallation attack,” the researchers explained.
“Here, the adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying handshake messages,” they noted.
As a result, the researchers were able to decrypt the data as well as inject malicious data into the communications stream. Attackers could use this vulnerability to steal sensitive data, such as PHI, as well as disrupt the functioning of the equipment, with possibly catastrophic results for the patient.
“Despite the security proof of both the 4-way and group key handshake, we showed that they are vulnerable to key reinstallation attacks,” the researchers related, adding that all of the Wi-Fi clients they tested were vulnerable to the KRACK exploit.
“Rather worryingly, our key reinstallation attack even occurs spontaneously if certain handshake messages are lost due to background noise. This means that under certain conditions, implementations are reusing nonces without an adversary being present,” they concluded.
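To make concrete what "reinstalling an already-in-use key" does to the encryption, here is an added simulation that is not from the advisory, BD or the researchers: a toy client resets its packet number whenever message 3 arrives, so after a replayed message 3 two frames are protected under the same key and nonce, and a passive observer who knows one frame's contents recovers the other without the key; a patched client that refuses to reinstall the key already in use keeps the nonce fresh. The SHA-256 counter keystream, the key and the frame contents are constructed stand-ins, not real CCMP.

```python
import hashlib


class Client:
    """Models the supplicant state KRACK abuses: the installed pairwise key
    and the packet number from which the CCMP nonce is built."""

    def __init__(self, patched):
        self.patched = patched   # patched: refuse to reinstall the key in use
        self.key = None
        self.packet_num = 0

    def install_key(self, ptk):
        """Reaction to message 3 of the 4-way handshake. An unpatched client
        resets the packet number on every (re)installation of the key."""
        if self.patched and ptk == self.key:
            return               # same key again: leave the nonce counter alone
        self.key, self.packet_num = ptk, 0

    def encrypt(self, frame):
        """Stream-encrypt one frame under (key, nonce). The SHA-256 counter
        keystream is a constructed stand-in for AES-CCMP; nonce reuse hurts both alike."""
        nonce, self.packet_num = self.packet_num, self.packet_num + 1
        ks = b"".join(hashlib.sha256(self.key + nonce.to_bytes(6, "big")
                                     + i.to_bytes(4, "big")).digest()
                      for i in range(len(frame) // 32 + 1))
        return nonce, bytes(p ^ k for p, k in zip(frame, ks))


def simulate(patched):
    """One frame, a replayed message 3, a second frame. Returns whether the
    nonce repeated and what an observer who knows the first frame's contents
    then recovers of the second, without ever learning the key."""
    c = Client(patched)
    ptk = b"constructed PTK!"             # constructed pairwise key
    known, secret = b"keep-alive frame", b"patient record X"
    c.install_key(ptk)                    # genuine message 3
    n1, ct1 = c.encrypt(known)
    c.install_key(ptk)                    # replayed message 3
    n2, ct2 = c.encrypt(secret)
    if n1 != n2:
        return False, None
    # same key and nonce => same keystream, so ct1 ^ ct2 == known ^ secret
    return True, bytes(a ^ b ^ k for a, b, k in zip(ct1, ct2, known))


if __name__ == "__main__":
    for patched in (False, True):
        print(f"patched={patched}:", simulate(patched))
```

The unpatched run returns the second frame's plaintext in full; the patched run reports no nonce reuse, which is the behaviour the vendor patches described in the advisory restore.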