Shellshock vulnerability


The U.S. Computer Emergency Readiness Team (US-CERT), a division of the U.S. Department of Homeland Security (DHS), recently released a security advisory about a serious vulnerability (CVE-2014-6271) widely known as Shellshock, which is similar in severity to the Heartbleed vulnerability from April 2014. The bug was uncovered in the Bash command-line interpreter (also known as a "shell") widely distributed in many computer operating systems including Linux, Unix, Berkeley Software Distribution (BSD) and Apple OS X, and on some Microsoft® Windows and Android systems.

We have determined that the safety and security of our manufactured medical devices are not at risk by the Shellshock vulnerability. BD takes product safety and security—along with all information security matters—very seriously. Once we become aware of any vulnerability, we take immediate steps to investigate potential risks to our products and our customer-facing websites and related services.

We continue to monitor and investigate the situation and, as of October 3rd, can confirm that these customer-facing products and systems are secure from the Shellshock vulnerability:

  • Alaris™ PC unit
  • Alaris Systems Manager software web clients
  • Alaris Viewer Suite
  • Axeda and Bomgar Remote Support Services (RSS) and access platforms for Alaris and Pyxis™ technologies
  • BD Customer Portal, available for Pyxis technologies customers at
  • Knowledge Portal analytics solutions for infusion technologies, Pyxis medication and supply technologies, and ventilator therapy
  • External Identity Manager (EIM), at
  • MedMined™ Surveillance Advisor
  • Pyxis technologies
  • Respiratory diagnostics eStore, at
  • The supplier and distributor communication portal, at
  • Teamviewer RSS for ventilation technologies
  • V. Mueller™ online catalog, at

BD continues to investigate the matter and monitor the situation closely. We will update this page with additional, relevant information as it becomes available.

Chat with us
Our live chat is available between the hours of 8.30am - 5.00pm EST, Monday - Friday