No Smiths Medical products affected by FDA and CISA "URGENT/11" vulnerabilities
Wednesday October 16 2019
On 01 October 2019 the U.S. Food and Drug Administration (FDA) and U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced a set of cybersecurity vulnerabilities referred to as "URGENT/11" that have the potential to introduce risks to certain medical devices or hospital networks. These vulnerabilities exist in third-party operating systems and other software that can be used by devices to communicate over a network.
No Smiths Medical products use the affected operating systems or third-party software identified in the FDA and CISA announcements and therefore Smiths Medical products are not exposed to these vulnerabilities.
Smiths Medical monitors for potential vulnerabilities in our products as part of our product security program and will publish updates or additional advisories if new information becomes available.
For more information about this issue, see the FDA notice at: www.fda.gov/medical-devices/safety-communications/urgent11-cybersecurity-vulnerabilities-widely-used-third-party-software-component-may-introduce
or the CISA advisory at: https://www.us-cert.gov/ics/advisories/icsma-19-274-01