Security Advisory

Product Quick Finder

Choose a category or subcategory

11/2021 B. Braun Statement on Cybersecurity Vulnerability with Nucleus:13

Vulnerability Advisory

1      Executive Summary

Cybersecurity firm Forescout Research Labs has discovered and disclosed 13 vulnerabilities Nucleus TCP/IP stack.

The vulnerabilities affect versions of the Nucleus Real-time Operating System. Researchers have discovered vulnerabilities in multiple TCP/IP stacks in which ISNs (Initial Sequence Numbers within TCP connections) are improperly generated. This is leaving devices’ TCP connections open to attacks.

B. Braun’s first analysis determined that NONE of our connected devices 

  • Infusion system SpacePlus®
  • Infusion system Space®  
  • Infusion system compactplus®
  • Clinical IT Solution OnlineSuite
  • Dialog+® Dialysis Machine
  • OMNI® Acute Blood Purification System
  • Dialog iQ® Dialysis Machine

are affected.  

2      Recommandations

Not applicable as none of our products use the affected software.

3      References

Website Forescout Labs – Security Researcher Nucleus – Forescout

4       Contact information

You can contact our global security team if you have any further questions, require detailed technical information, or any other support issue concerning Cybersecurity. 

You can send an email