Miele PG 8528/PG 8527/PG 8535/ PG 8536 washer-disinfector 에 대한 현장 안전성 서한

Field Safety Notice

2017-04-05

Slovenia

AMPMDRS

The purpose of this correspondence is to bring an it security vulnerability to your attention affecting a machine type in use at your site which was discovered in the course of a penetration test carried out by an it security expert. this only applies to machines which are actually connected to an in- house network. all other machines are not affected and are therefore not at risk. the following applies to machine in a network: • in the event of an attack on the in-house network of a hospital, a laboratory or a surgery, there is a risk that data from miele washer-disinfectors can be read out and/or replaced. this data is for the most part binary code. • theoretically, a hacker with criminal intent could attempt to make abusive use of this data in order to obtain access to the programme controls and to manipulate these. if pursued to the limit, hackers could even, after further data analysis and with a knowledge of instrument reprocessing, try to falsify cycle records with a view to covering up manipulation. the same applies to unauthorised actions on the part of persons with legal access to the appropriate network. • to date, there has been no evidence indicating that such an incident has ever occurred. such targeted manipulation of data, as described above, would require considerable effort and an in-depth knowledge of this highly specific machine software. miele considers the risk of a hacker successfully carrying out the multi-stage manipulation described above and causing a potential threat to the health of patients to be extremely low. .