Banner Mockup

Whitepaper: Microsegmentation in Healthcare

Check out the newest guidance for securing healthcare environments

Threat Intelligence: BD Releases Advisory on Microsoft’s Zerologon Vulnerability

CVE-2020-1472 | Microsoft Netlogon Elevation of Privilege Vulnerability
Cynerio
Nov 8, 2020
Threat Intelligence

Advisory Information

BD posted an advisory on November 6, 2020 regarding the Microsoft Netlogon elevation of privilege vulnerability (CVE-2020-1472), more widely known as Zerologon. 

How Does This Vulnerability Impact BD Healthcare Products?

This is a third-party vulnerability that affects the Netlogon Remote Protocol (MS-NRPC), which allows unauthorized users access to a domain controller via the Netlogon secure channel. Once access has been gained, threat actors can run malicious applications on devices throughout the network, potentially compromising device functionality and network communications. However, in order to connect to the domain controller, the bad actor would have to use MS-NRPC to gain domain administrator access.

Devices Affected

  • BD Infusion Knowledge Portal™
  • BD Intelliport™
  • BD Kiestra™ InoqulA Standalone
  • BD Kiestra™ ReadA Standalone
  • BD Kiestra™ TLA/WCA
  • BD Supply Knowledge Portal™
  • BD HealthSight™ Clinical Advisor
  • BD HealthSight™ Data Manager
  • BD HealthSight™ Diversion Management
  • BD HealthSight™ Infection Advisor
  • BD HealthSight™ Inventory Optimization
  • BD Medication Knowledge Portal™

Note: This vulnerability is not limited to BD devices.

What Can Be Done to Mitigate the Threat & How Can Cynerio Help?

Microsoft is actively working on rolling out patches for this vulnerability in two phases. Until a full solution is available, Cynerio can:

  1. Conduct Deep Packet Inspection (DPI) and discover every device on the network and identify those at risk
  2. Map critical devices affected by this vulnerability
  3. Identify attempted exploits of this vulnerability within your network and send real-time alerts
  4. Automatically configure mitigation policies and ACLs tailored to the network that can be applied using existing security infrastructure to limit the exposure of vulnerable and infected devices

Some Other Helpful Resources

  • https://www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletins/third-party-vulnerability-netlogon-elevation-of-privilege-vulnerability-zerologon
  • https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472


read next

Threat Intel: Johnson Controls International (JCI) Hit by Ransomware Attack

Vicki Michaeli
Sep 29, 2023

Threat Intel: Log4j - Critical Zero Day Vulnerability

Cynerio
Dec 13, 2021
Go Back to Blog

Keep your finger on the pulse of Healthcare IoT security

Get Your Free Pass to HIMSS21

August 9 -13, Las Vegas

HOW? Easy! If you are a Healthcare IT Executive and you book a 30-minute call with us before July 30th, you get a free pass (valued at $1295)

Book a Call

*Please note that there is limited pass availability

Product
Healthcare Cybersecurity PlatformPatient Data SecurityNetwork Detection + ResponseComplete Asset VisibilityMedical Device SecurityCynerioLive
Resources
BlogThreat IntelligenceDatasheetsWhite PapersUse CasesVideosWebinars
Company
About UsLeadershipPress ReleasesCareersContact Us
Partners
ResellersDistributorsTechnology & Alliance PartnersMSSPReferral Partners
Follow us
Facebook
LinkedIn
X
© Copyrights Cynerio 2024
Privacy Policy