11/2021 B. Braun Statement on Cybersecurity Vulnerability with Nucleus:13
Vulnerability Advisory
1 Executive Summary
Cybersecurity firm Forescout Research Labs has discovered and disclosed 13 vulnerabilities Nucleus TCP/IP stack.
The vulnerabilities affect versions of the Nucleus Real-time Operating System. Researchers have discovered vulnerabilities in multiple TCP/IP stacks in which ISNs (Initial Sequence Numbers within TCP connections) are improperly generated. This is leaving devices’ TCP connections open to attacks.
B. Braun’s first analysis determined that NONE of our connected devices
- Infusion system SpacePlus®
- Infusion system Space®
- Infusion system compactplus®
- Clinical IT Solution OnlineSuite
- Dialog+® Dialysis Machine
- OMNI® Acute Blood Purification System
- Dialog iQ® Dialysis Machine
are affected.
2 Recommandations
Not applicable as none of our products use the affected software.
3 References
Website Forescout Labs – Security Researcher Nucleus – Forescout
4 Contact information
You can contact our global security team if you have any further questions, require detailed technical information, or any other support issue concerning Cybersecurity.
You can send an email productsecurity@bbraun.com.