The BlueKeep issue is a remote code execution vulnerability in Remote Desktop Services (RDS) that it can be exploited by an unauthenticated attacker by connecting to the targeted system via the RDP and sending specially crafted requests.
As explained by Microsoft, this vulnerability could be triggered by malware with wormable capabilities, it could be exploited without user interaction, making it possible for malware to spread in an uncontrolled way into the target networks.
Several security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons.
After the release of security updates for the BlueKeep, Siemens started assessing its Healthineers products. Now Siemens has published six security advisories to warn its customers of potential risks,
“Some Siemens Healthineers software products are affected by this vulnerability.” reads an advisory published by Siemens. “The exploitability of the vulnerability depends on the specific configuration and deployment environment of each product. Siemens Healthineers recommends installing the appropriate security patches released by Microsoft.”
The company pointed out that it cannot guarantee the compatibility of Microsoft security patches with products from Siemens Healthineers that are beyond their End of Support.
Impacted products include MagicLinkA, MagicView, Medicalis solutions, Screening Navigator,
For most of the products, the advisories suggest disabling RDP, blocking TCP port 3389, and implementing workarounds suggested by Microsoft.
(SecurityAffairs – Healthineers, BlueKeep)