Five vulnerabilities have been identified in the MesaLabs AmegaView continuous monitoring system, which is used in hospital laboratories, forensics labs, and biotech firms. Two of the flaws are critical command injection vulnerabilities with CVSS severity scores of 9.9/10 and 10/10. The vulnerabilities affect AmegaView versions 3.0 and earlier and were identified by Stephen Yackey of Securifera.
In order of severity, the vulnerabilities are as follows:
- CVE-2021-27447 – CVSS 10/10 – Flaw due to improper neutralization of special elements used in a command, which could allow an attacker to execute arbitrary code.
- CVE-2021-27449 – CVSS 9.9/10 – Flaw due to improper neutralization of special elements used in a command, which could allow an attacker to execute commands on the web server.
- CVE-2021-27445 – CVSS 7.8/10 – Insecure file permissions which could be exploited to elevate privileges on the device.
- CVE-2021-27451 – CVSS 7.3/10 – Improper authentication due to passcodes being generated by an easily reversible algorithm, which could allow an attacker to gain access to the device.
- CVE-2021-27453 – CVSS 7.3/10 – Authentication bypass issue that could allow an attacker to gain access to the web application.
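The two critical entries above are instances of CWE-78, OS command injection: untrusted input is placed into a command string that a shell then interprets, so characters such as `;`, `|` and `$()` let the input add commands of its own. The following is a constructed illustration of that class, added here for this article; it is not AmegaView code, the `build_report_*` functions and the "device label" parameter are hypothetical, and nothing about it reflects how the affected product actually builds commands.

```python
"""Constructed illustration of CWE-78 (OS command injection), the
weakness class behind the two critical AmegaView CVEs. The command, the
function names and the "device label" input are all hypothetical; this
is example code for the article, not code from the product."""
import re
import subprocess


def build_report_vulnerable(label: str) -> str:
    """Interpolates untrusted input into a shell string. The shell parses
    metacharacters in `label` (; | & $() backticks), so the input can
    append or replace commands."""
    cmd = f"echo Probe {label} status OK"
    proc = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return proc.stdout.strip()


def build_report_argv_only(label: str) -> str:
    """No shell: each argv element is passed to the program as-is, so
    metacharacters in `label` are just bytes in one argument. This alone
    stops shell injection, but a label starting with '-' could still be
    read as an option by other programs (argument injection), hence the
    allowlist in the hardened version below."""
    argv = ["echo", "Probe", label, "status", "OK"]
    proc = subprocess.run(argv, capture_output=True, text=True)
    return proc.stdout.strip()


# Allowlist for the hypothetical label field: short, alphanumeric, no
# leading dash, no whitespace or shell metacharacters.
LABEL_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_-]{0,31}$")


def build_report_hardened(label: str) -> str:
    """Validate against the allowlist, then run without a shell."""
    if not LABEL_RE.fullmatch(label):
        raise ValueError(f"rejected label: {label!r}")
    return build_report_argv_only(label)


def hardened_rejects(label: str) -> bool:
    """True if the hardened path refuses the label."""
    try:
        build_report_hardened(label)
    except ValueError:
        return True
    return False


def command_ran_more_than_once(output: str) -> bool:
    """The legitimate report is a single line. A second line means the
    shell executed a second command supplied through the label."""
    return len(output.splitlines()) > 1


if __name__ == "__main__":
    payload = "probe1;echo INJECTED"  # constructed attacker input
    print("vulnerable:\n" + build_report_vulnerable(payload))
    print("argv only: " + build_report_argv_only(payload))
    print("hardened rejects payload:", hardened_rejects(payload))
    print("hardened normal:", build_report_hardened("probe1"))
```

Run on a POSIX system (`shell=True` invokes `/bin/sh`). The vulnerable path prints two lines, because the shell split the label at `;` and ran `echo INJECTED status OK` as a separate command; the argv-only path prints one line with the payload echoed literally; the hardened path refuses the payload outright and still produces the normal report for a well-formed label.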
There are currently no public exploits that specifically target these vulnerabilities. Since AmegaView reaches end-of-life at the end of this year, MesaLabs has decided not to release patches for the vulnerabilities. Instead, all users of the vulnerable products have been advised to upgrade to the newer Viewpoint software, which is compatible with AmegaView hardware.
Where that is not yet possible, vulnerable products should be placed behind firewalls, segmented from the rest of the network, and kept off the Internet. If remote access is required, it should go through a Virtual Private Network (VPN) kept at the current version; note that a VPN is only as secure as the devices connecting through it, so it reduces exposure but does not remove the underlying flaws.
Prior to implementing any new defensive measures, an impact analysis and risk assessment should be performed.