BD is currently monitoring the Microsoft .NET Framework vulnerabilities CVE-2019-1083 and CVE-2019-1006, which affect systems that rely on the .NET Framework, including its Windows Identity Foundation (WIF) and Windows Communication Foundation (WCF) components, to validate Single Sign-On (SSO) authentication tokens, whether the framework is installed standalone or embedded in the Microsoft products listed below.
An attacker who successfully exploits CVE-2019-1083 could cause a denial of service against an affected .NET application. CVE-2019-1006 is an authentication bypass in WCF and WIF that allows SAML tokens to be signed with arbitrary symmetric keys; an attacker who successfully exploits it could present such a token to impersonate a user, which could lead to an elevation of user privileges and access to sensitive application data. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Note: Single Sign-On must be enabled to exploit these vulnerabilities.
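Because CVE-2019-1006 concerns SAML tokens signed with symmetric keys rather than the issuer's asymmetric key, one check a relying party can run on captured assertions is to flag signatures that use an HMAC algorithm or that ship key material inside the token instead of naming the issuer's X.509 certificate. The script below is an added example, not BD or Microsoft code and not a detection rule from this advisory. The two assertions are constructed samples with placeholder signature values (the script inspects structure only and performs no cryptographic verification), and the "HMAC or missing X509Data is suspicious" heuristic is an assumption about how a legitimate federation issuer signs.

```python
import xml.etree.ElementTree as ET

# Namespaces used in SAML 2.0 assertions and XML Signature / XML Encryption.
NS = {
    "saml2": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}

# Signature algorithms keyed by a shared secret (HMAC). A federation IdP is
# expected to sign with an asymmetric algorithm (RSA/ECDSA) and to name its
# X.509 certificate in KeyInfo. Treating anything else as suspicious is this
# example's heuristic (an assumption), not a statement from the advisory.
HMAC_METHODS = {
    "http://www.w3.org/2000/09/xmldsig#hmac-sha1",
    "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256",
    "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384",
    "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512",
}


def inspect_assertion(xml_text):
    """Return issuer, subject, signature algorithm and a list of findings.

    Structural inspection only: the signature value is never verified here.
    """
    root = ET.fromstring(xml_text)
    issuer = root.findtext("saml2:Issuer", default="", namespaces=NS).strip()
    subject = root.findtext("saml2:Subject/saml2:NameID", default="", namespaces=NS).strip()
    report = {"issuer": issuer, "subject": subject, "signature_method": None, "findings": []}

    sig = root.find("ds:Signature", NS)
    if sig is None:
        report["findings"].append("assertion is unsigned")
        return report

    method = sig.find("ds:SignedInfo/ds:SignatureMethod", NS)
    alg = method.get("Algorithm", "") if method is not None else ""
    report["signature_method"] = alg
    if alg in HMAC_METHODS:
        report["findings"].append(f"HMAC signature method {alg}")

    keyinfo = sig.find("ds:KeyInfo", NS)
    if keyinfo is None:
        report["findings"].append("signature has no KeyInfo")
        return report
    # Key material carried inside the token rather than a reference to a
    # trusted issuer certificate is the shape of a symmetric-key-signed token.
    if keyinfo.find(".//xenc:EncryptedKey", NS) is not None:
        report["findings"].append("KeyInfo embeds an EncryptedKey instead of naming a certificate")
    if keyinfo.find(".//ds:X509Data", NS) is None:
        report["findings"].append("KeyInfo carries no X509Data")
    return report


def flag_suspicious(assertions):
    """Return the indexes of assertions that produced at least one finding."""
    return [i for i, a in enumerate(assertions) if inspect_assertion(a)["findings"]]


# Constructed sample: signed the way a federation IdP would sign it.
GOOD_ASSERTION = """<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_good1" Version="2.0">
  <saml2:Issuer>https://idp.example.test</saml2:Issuer>
  <ds:Signature>
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    </ds:SignedInfo>
    <ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>
    <ds:KeyInfo><ds:X509Data><ds:X509Certificate>PLACEHOLDER</ds:X509Certificate></ds:X509Data></ds:KeyInfo>
  </ds:Signature>
  <saml2:Subject><saml2:NameID>alice@example.test</saml2:NameID></saml2:Subject>
</saml2:Assertion>"""

# Constructed sample: HMAC-signed, with the key material shipped inside the token.
BAD_ASSERTION = """<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
    ID="_bad1" Version="2.0">
  <saml2:Issuer>https://idp.example.test</saml2:Issuer>
  <ds:Signature>
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
    </ds:SignedInfo>
    <ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>
    <ds:KeyInfo><xenc:EncryptedKey><xenc:CipherData><xenc:CipherValue>PLACEHOLDER</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></ds:KeyInfo>
  </ds:Signature>
  <saml2:Subject><saml2:NameID>admin@example.test</saml2:NameID></saml2:Subject>
</saml2:Assertion>"""


if __name__ == "__main__":
    for i, assertion in enumerate([GOOD_ASSERTION, BAD_ASSERTION]):
        r = inspect_assertion(assertion)
        print(i, r["issuer"], r["subject"], r["signature_method"], r["findings"])
```

A hit from this script is a reason to pull the relying party's WIF/WCF trace logs and confirm patch status; it is not proof of exploitation on its own, and an assertion that passes it can still be forged if the host is unpatched.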
BD has provided the list below to help customers identify BD products whose workstations use SSO on Microsoft .NET Framework, Windows 10, Windows 7, Windows 8.1, Windows 8.1 RT, Windows Server 2008, Windows Server 2012, Windows Server 2016, Windows Server 2019, Microsoft Identity Model, or SharePoint platforms. The list is not comprehensive and may be updated as more products are identified. It does not indicate the patch or device status.
BD has had no reports of these vulnerabilities being exploited on a BD product. Patches for the BD COR™ system have been tested and validated and will be deployed during the next scheduled service visit. Patches for BD HealthSight Analytics™, BD Knowledge Portal™, and BD MedMined™ have been tested, validated, and deployed. Patches for BD Identity Management and BD Care Coordination Engine™ have been tested and validated and will be deployed via automated delivery. No customer action is required for customers who use those specific products.
Additionally, BD recommends the following for systems that use Single Sign-On on Microsoft .NET Framework, Windows 10, Windows 7, Windows 8.1, Windows 8.1 RT, Windows Server 2008, Windows Server 2012, Windows Server 2016, Windows Server 2019, Microsoft Identity Model, or SharePoint platforms.
Customers that maintain patches independently of BD automated delivery are the responsible entity for those systems and should ensure these actions are performed in order to maintain the correct security posture of the system(s).
The specific Microsoft .NET Framework versions, and the other Microsoft products that embed them, on which SSO-enabled systems are affected are listed below:
Note: These vulnerabilities affect the Microsoft .NET Framework, which may be installed standalone or embedded in certain Microsoft Windows operating systems (also listed below).
For product or site-specific concerns, contact your BD service representative. If you observe indicators of exploitation of these vulnerabilities, disconnect the system from the network and contact your BD service representative immediately.
https://i.blackhat.com/USA-19/Wednesday/us-19-Munoz-SSO-Wars-The-Token-Menace-wp.pdf