Medtronic releases patches to fix flaws in cardiac connected devices

Listen
Text
  • Small
  • Medium
  • Large

Medtronic has made updates to its CareLink 2090 Programmer and CareLink Encore 299901 Programmer to fix vulnerabilities that if exploited could allow external parties to download malicious software on the connected devices, the company announced Jan. 30.

In October 2018, Medtronic issued a statement warning consumers about updating their CareLink devices via the software distribution network. The company disabled the SDN for programmer updates, leaving hospitals to rely on the UBS update method.

Medtronic discovered that the vulnerabilities found the SDN download process could allow cybercriminals to update the devise with non-Medtronic software. Since 2018, Medtronic said that there have been zero reports of cyberattacks, data breaches or patient harm associated with the vulnerabilities.

The CareLink 2090 programmer is a portable computer system used to program and manage cardiac devices in hospitals. The CareLink Encore programmer allows clinicians to send data on patients' heart rate automatically to a connected system.

Copyright © 2021 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars