CISA: New ‘high-risk’ cyber vulnerability for Medtronic cardiac device management system
Editor's Note
On June 29, the Cybersecurity & Infrastructure Security Agency (CISA) issued a medical advisory alert "warning of a significant, high-risk vulnerability in Medtronic’s Paceart Optima System, which is used to compile and manage patients’ cardiac device data," the American Hospital Association (AHA) July 6 reports.
According to CISA, the versions of the Medtronic system that are "at risk of exploitation by unauthorized users" are versions 1.11 and prior. The alert warns that hackers can "perform remote code executions or launch denial-of-service attacks," the latter of which "could slow or render the system unresponsive." John Riggi, AHA's national advisor for cybersecurity and risk, reminded healthcare professionals to be aware of "medical device cyber vulnerabilities" that depend on "third-party medical device manufacturers...to develop and deploy patches."
Medtronic is urging healthcare facilities to immediately update the Paceart Optima system to v1.12 in order to mitigate this security risk. CISA’s medical advisory also includes a list of mitigation steps to take until said system update is complete, as recommended by Medtronic.
Free Daily News
- Report: Consistent, purposeful manager-team engagement reduces RN turnover
- Death, hospital readmission less likely for women treated by female doctors
- FDA announces class 1 recalls for infusion pumps, anesthesia workstation
- Study finds workforce readiness gap in new nurses
- Joint replacement manufacturer recalls products after FDA packaging warning
- Gene-edited pig kidney, heart pump combined in transplant surgery milestone
- Catheter sterility concerns prompt Class 1 FDA recall for surgery trays
- Large amounts of personal data possibly stolen in Change Healthcare cyberattack
- AI model helps predict patient decline, drive collaborative care
- One patient’s recovery highlights benefits of outpatient endoscopic spine surgery