Jul 15, 2019
In line with our commitment to continuously improve patient care, BD offers our customers innovative solutions for collecting and analyzing infusion information from the Alaris System.
Jun 13, 2019
BD has been made aware of a potential vulnerability that can impact the Alaris™ Gateway Workstation (Workstation). If exploited, this vulnerability may allow an attacker with malicious intention to remotely install unauthorized firmware. These products are not sold or used in the United States.
Jun 13, 2019
BD has been made aware of a potential vulnerability that can impact Web Browser User Interface on the Alaris™ Gateway Workstation, standalone configuration only. If exploited, this vulnerability may allow an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to specified information on the Web Browser User Interface.
May 15, 2019
BD is aware of and currently monitoring the Remote Desktop Services Remote Code Execution vulnerability. This vulnerability was announced by Microsoft on May 14, 2019. This vulnerability affects any systems that use Remote Desktop Services for Windows XP, Windows 7, Windows 2003 and Windows 2008.
Apr 17, 2019
Microsoft will end support for the Windows 7 Operating System (OS) after January 14, 2020 and for Windows Embedded Standard 7 Service Pack 1 on October 13, 2020. As a result, Microsoft will no longer provide security updates or support for devices running Windows 7.
Jan 29, 2019
Administrator Account Enabled in BD FACSLyric™ Cell Analyzer Systems with Windows 10 Professional
Jan 24, 2019
BD is aware of a Microsoft Windows vulnerability in the task scheduler, which could allow malicious attackers to gain elevated system privileges, if compromised. This vulnerability identified a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface. It has been observed targeting fully patched Microsoft Windows 10 64-bit and Windows Server 2016 operating systems. This is not a BD-specific vulnerability, and there have been no reports of a BD product being affected by this vulnerability.
Oct 2, 2018
This notification provides product security information and recommendations related to a product security vulnerability found in the following BD Kiestra Systems: BD Kiestra TLA, BD Kiestra WCA and BD InoqulA+ specimen processor. The contents of this notification will be disclosed publicly on the BD Product Security website (www.bd.com/productsecurity) and is voluntarily reported by BD with Information Sharing and Analysis Organizations (ISAOs) where BD participates, including the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) and the National Health Information Sharing and Analysis Center (NH-ISAC) to optimally reach past and present customers.
Aug 23, 2018
BD has been made aware of a potential vulnerability that can impact various Alaris™ Syringe Pumps sold and used outside of the United States. If exploited, this vulnerability may allow an attacker to gain remote access to devices when connected to a terminal server via the serial port. This potential vulnerability does not affect the Alaris™ Syringe Module sold in the United States.
Aug 9, 2018
BD is aware of a Trojan called Kwampirs, which allows malicious attackers remote access into a compromised computer. This is not a BD-specific vulnerability, and there have been no reports of a BD product being affected by Kwampirs. It has been observed targeting common legacy Microsoft Windows operating systems. Kwampirs affects those systems with enabled network shared drives, outdated or no malware protection and any version of the Microsoft Windows Operating System.