You have successfully logged out.

Wednesday, November 17, 2021

11/2021 B. Braun Statement on Cybersecurity Vulnerability with Nucleus:13

B. Braun ensures high security standards throughout the product life cycle by using globally accepted standard test and verification methods. We have established processes to monitor the latest vulnerabilities, threats, or risks and will proactively implement measures as required.

1 Executive Summary

Cybersecurity firm Forescout Research Labs has discovered and disclosed 13 vulnerabilities Nucleus TCP/IP stack.

The vulnerabilities affect versions of the Nucleus Real-time Operating System. Researchers have discovered vulnerabilities in multiple TCP/IP stacks in which ISNs (Initial Sequence Numbers within TCP connections) are improperly generated. This is leaving devices’ TCP connections open to attacks.

B. Braun’s first analysis determined that NONE of our connected devices

Infusion system SpacePlus®
Infusion system Space®
Infusion system compactplus®
Clinical IT Solution OnlineSuite
Dialog+® Dialysis Machine
OMNI® Acute Blood Purification System
Dialog iQ® Dialysis Machine

are affected.

2 Recommandations

Not applicable as none of our products use the affected software.

3 References

Website Forescout Labs – Security Researcher Nucleus – Forescout

4 Contact information

You can contact our global security team if you have any further questions, require detailed technical information, or any other support issue concerning Cybersecurity.

You can send an email productsecurity@bbraun.com.

Stay connected with My B. Braun

With your personalized account, your online experience will be easier, more comfortable and safe.

person_outline My B. Braun