Another alert in the medical industry (ZOLL Defibrillator Dashboard design weakness) 15th Jun 2021

Preface: A defibrillator is a device that gives a high energy electric shock to the heart of someone who is in cardiac arrest.

What is the Defibrillator Dashboard? It is a web-based application with a login, used to monitor the function of the defibrillators.

Vulnerability details: The U.S. Department of Homeland Security urges the medical industry to be vigilant about design weaknesses in ZOLL products (defibrillator dashboards). The official advisory can be found at the following URL: https://us-cert.cisa.gov/ics/advisories/icsma-21-161-01

Security Focus: According to the attached diagram, CVE-2021-27489 carries critical risk. Medical environments, especially hospitals, will install medical equipment in a separate network. To prevent unknown cyber attacks, their solution most likely does not provide internet access at all. Simply disabling internet access on the workstation, however, may not be enough to stop cyber criminals from exploiting the vulnerability of this product. The hospital should also set up alerts (correlation firing rules) in its SIEM: when an unknown host connects to that network, it should be monitored, because the unknown host might act as a gateway and turn the vulnerable products into victims.
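The correlation rule suggested above, as an added example that is not part of the original post or of any ZOLL or CISA material: hosts outside a constructed allowlist that reach the dashboard are flagged, together with any other internal destinations they touched (a sign the host may be acting as a gateway). The addresses, hosts and firewall log format are all constructed assumptions.

```python
"""Added example: allowlist-based SIEM correlation for a segmented medical network.
Not code from ZOLL or from the CISA advisory; addresses and log format are constructed."""
from collections import defaultdict

# Constructed allowlist of workstations permitted to reach the dashboard.
KNOWN_HOSTS = {"10.20.0.10", "10.20.0.11", "10.20.0.12"}
# Constructed address of the Defibrillator Dashboard server.
DASHBOARD = "10.20.0.5"

# Constructed firewall log lines: "<ts> src=<ip> dst=<ip> dport=<port> action=<allow|deny>"
SAMPLE_LOGS = """\
2021-06-15T10:01:02Z src=10.20.0.10 dst=10.20.0.5 dport=443 action=allow
2021-06-15T10:01:05Z src=10.20.0.77 dst=10.20.0.5 dport=443 action=allow
2021-06-15T10:01:09Z src=10.20.0.77 dst=10.20.0.5 dport=22 action=deny
2021-06-15T10:02:00Z src=10.20.0.11 dst=10.20.0.5 dport=443 action=allow
2021-06-15T10:02:30Z src=10.20.0.77 dst=10.20.0.6 dport=445 action=allow
"""


def parse_line(line):
    """Split one log line into a dict of its key=value fields plus the timestamp."""
    ts, *kv = line.split()
    fields = dict(item.split("=", 1) for item in kv)
    fields["ts"] = ts
    return fields


def correlate(log_text, known_hosts=KNOWN_HOSTS, dashboard=DASHBOARD):
    """Return one alert per non-allowlisted source that reached the dashboard.

    Each alert lists the flows to the dashboard (allowed or denied, since a denied
    attempt is still worth an alert) and any other internal hosts the source touched."""
    by_src = defaultdict(set)
    for line in log_text.splitlines():
        ev = parse_line(line)
        by_src[ev["src"]].add((ev["dst"], int(ev["dport"]), ev["action"]))
    alerts = []
    for src, flows in sorted(by_src.items()):
        if src in known_hosts:
            continue
        hits = sorted(f for f in flows if f[0] == dashboard)
        if not hits:
            continue
        others = sorted({dst for dst, _, _ in flows if dst != dashboard})
        alerts.append({"src": src, "dashboard_flows": hits, "other_targets": others})
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOGS):
        print("ALERT unknown host", alert["src"], alert)
```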

Workaround: If it is urgent to use the monitoring function remotely, it is highly recommended to use a VPN. For detailed information about protection, please refer to the CISA article.
