CVE-2025-14097
application · Multiple Products
A high-severity vulnerability has been identified in the application software of multiple Radiometer products.
Executive summary
A high-severity vulnerability has been identified in the application software of multiple Radiometer products. This flaw could allow a remote attacker to execute arbitrary code and gain unauthorized management control over affected devices if certain internal conditions are met, potentially leading to system compromise and operational disruption.
Vulnerability
The vulnerability exists within the application software layer of the affected Radiometer products. An unauthenticated, remote attacker could exploit this flaw by sending specially crafted data to the device. When specific, undisclosed internal conditions within the application are met, the crafted data can put the application into a state that allows remote code execution (RCE) or unauthorized use of device management functions, bypassing the standard security controls.
Business impact
This vulnerability is rated as High severity with a CVSS score of 7.2. Successful exploitation could have a significant business impact, up to and including complete system compromise. An attacker could take full control of the affected medical devices, potentially leading to the theft of sensitive patient or operational data, disruption of critical diagnostic services, and manipulation of device settings. This poses a direct risk to operational integrity and data confidentiality, and a compromised device could serve as a pivot point for broader network intrusion.
Remediation
Immediate Action: Apply the security patches provided by the vendor to all affected systems, prioritizing any devices that are internet-facing or accessible from less trusted network zones. After patching, verify that the patch has been successfully installed and that the system is functioning correctly.
Proactive Monitoring: Implement enhanced monitoring for affected devices. Security teams should look for unusual network traffic patterns to or from the devices, unexpected reboots or configuration changes, and anomalous processes or system behavior. Review device and network access logs for connections from unauthorized IP addresses or attempts to access management interfaces.
Compensating Controls: If immediate patching is not feasible, implement compensating controls to reduce the risk of exploitation. Isolate affected devices from the internet and segment them onto a protected network zone with strict access control lists (ACLs) and firewall rules. Limit network access to only authorized administrative hosts and services.
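The Proactive Monitoring and Compensating Controls items above amount to one policy: only designated administrative hosts may reach a device's management interfaces, and a device should only ever talk to the peers it is expected to talk to. The following added example (not code from the advisory or the vendor) applies that allowlist to a batch of constructed firewall log lines and reports every line that falls outside it, which is the log review the monitoring guidance asks for. The device addresses, management ports, admin network and log format are placeholders chosen for the example; substitute the values from your own asset inventory and firewall.

```python
"""Allowlist review of constructed connection logs for the affected devices.

Added example, not part of the advisory. It checks two things the
Remediation section asks for: (1) connections reaching a device management
interface from a host outside the authorized-admin zone, whether the firewall
accepted or dropped them, and (2) a device initiating a connection to a peer
it is not expected to contact, a common sign of post-compromise activity.
"""
from __future__ import annotations

import ipaddress
import re
from dataclasses import dataclass
from typing import Iterable

# Constructed placeholders: take real device addresses, management ports and
# admin networks from your own inventory; none of these come from the advisory.
AFFECTED_DEVICES = {
    ipaddress.ip_address("10.20.30.11"),
    ipaddress.ip_address("10.20.30.12"),
}
MANAGEMENT_PORTS = {22, 443, 8443}
# Hosts allowed to reach management interfaces (the segmented admin zone).
AUTHORIZED_ADMIN_NETS = [ipaddress.ip_network("10.99.0.0/24")]
# Peers a device is expected to initiate connections to (here a single
# placeholder lab-information-system host); any other outbound peer is flagged.
EXPECTED_PEER_NETS = AUTHORIZED_ADMIN_NETS + [ipaddress.ip_network("10.50.1.20/32")]

# Simplified firewall log format assumed for the example.
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ACCEPT|DROP) "
    r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"
)


@dataclass(frozen=True)
class Finding:
    ts: str
    action: str
    src: str
    dst: str
    dport: int
    reason: str


def parse_line(line: str):
    """Return (ts, action, src, dst, dport) or None if the line does not parse."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    try:
        src = ipaddress.ip_address(m["src"])
        dst = ipaddress.ip_address(m["dst"])
    except ValueError:
        return None
    return m["ts"], m["action"], src, dst, int(m["dport"])


def in_any(addr, nets) -> bool:
    """True if addr lies inside any of the given networks."""
    return any(addr in net for net in nets)


def review(lines: Iterable[str]) -> list[Finding]:
    """Apply the allowlist to each log line and collect the violations."""
    findings: list[Finding] = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # malformed lines are skipped; count them if you need parser coverage
        ts, action, src, dst, dport = rec
        if (dst in AFFECTED_DEVICES and dport in MANAGEMENT_PORTS
                and not in_any(src, AUTHORIZED_ADMIN_NETS)):
            # An ACCEPT here means the ACLs are not doing what the policy says;
            # a DROP is still worth recording as an access attempt.
            reason = ("management interface reached from unauthorized host (ACL gap)"
                      if action == "ACCEPT"
                      else "blocked management attempt from unauthorized host")
            findings.append(Finding(ts, action, str(src), str(dst), dport, reason))
        elif (src in AFFECTED_DEVICES and dst not in AFFECTED_DEVICES
                and not in_any(dst, EXPECTED_PEER_NETS)):
            findings.append(Finding(ts, action, str(src), str(dst), dport,
                                    "device initiated connection to unexpected peer"))
    return findings


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    "2025-12-01T08:00:01Z ACCEPT src=10.99.0.5 dst=10.20.30.11 dport=443",
    "2025-12-01T08:00:07Z ACCEPT src=10.20.30.11 dst=10.50.1.20 dport=5000",
    "2025-12-01T08:01:12Z ACCEPT src=203.0.113.45 dst=10.20.30.12 dport=8443",
    "2025-12-01T08:01:40Z DROP src=192.168.4.77 dst=10.20.30.11 dport=22",
    "2025-12-01T08:02:03Z ACCEPT src=10.20.30.12 dst=198.51.100.9 dport=443",
    "not a log line",
]

if __name__ == "__main__":
    for f in review(SAMPLE_LOG):
        print(f"{f.ts} {f.action:6} {f.src} -> {f.dst}:{f.dport}  {f.reason}")
```

On the sample input the first two lines pass (an admin host managing a device, and a device talking to its expected peer) and three findings are raised: an accepted management connection from an external address, a dropped management attempt from an unauthorized internal host, and a device opening a connection to an unexpected external peer. The accepted external connection is the one to act on first, since it shows the segmentation rules are not actually in place.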
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the high severity (CVSS 7.2) and the potential for remote code execution, it is critical that organizations identify all affected Radiometer products within their environment and prioritize remediation. The immediate focus should be on applying the vendor-supplied security patches to all internet-facing systems. While this vulnerability is not yet listed in the CISA KEV catalog, its high impact warrants urgent attention. Organizations unable to patch immediately must implement the recommended compensating controls, such as network segmentation, to mitigate the risk of compromise.