You have successfully logged out.

search
menu
close
What are you looking for?
close close

Wednesday, November 17, 2021

11/2021 B. Braun Statement on Cybersecurity Vulnerability with Nucleus:13

B. Braun ensures high security standards throughout the product life cycle by using globally accepted standard test and verification methods. We have established processes to monitor the latest vulnerabilities, threats, or risks and will proactively implement measures as required.

1      Executive Summary

Cybersecurity firm Forescout Research Labs has discovered and disclosed 13 vulnerabilities Nucleus TCP/IP stack.

 

The vulnerabilities affect versions of the Nucleus Real-time Operating System. Researchers have discovered vulnerabilities in multiple TCP/IP stacks in which ISNs (Initial Sequence Numbers within TCP connections) are improperly generated. This is leaving devices’ TCP connections open to attacks.

 

B. Braun’s first analysis determined that NONE of our connected devices 
 

  • Infusion system SpacePlus®
  • Infusion system Space®  
  • Infusion system compactplus®
  • Clinical IT Solution OnlineSuite
  • Dialog+® Dialysis Machine
  • OMNI® Acute Blood Purification System
  • Dialog iQ® Dialysis Machine 

    are affected.  

 

 

2      Recommandations

Not applicable as none of our products use the affected software.

 

 

3      References

Website Forescout Labs – Security Researcher Nucleus – Forescout

 

 

4       Contact information

You can contact our global security team if you have any further questions, require detailed technical information, or any other support issue concerning Cybersecurity. 
 

You can send an email productsecurity@bbraun.com.

Stay connected with My B. Braun

We want to offer individual services via our business customer portal “My B. Braun”.  Please help us to adapt our portal and services to your needs. 

person_outline Attend survey now!