SSA-187667 (Last Update: 2019-09-10): DejaBlue Vulnerabilities - Siemens Healthineers Products

Published

2019-09-10 00:00:00 UTC

Summary

Microsoft has released updates for several versions of Microsoft Windows, which fix vulnerabilities in the Remote Desktop Service that are discussed under the name DejaBlue. The vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary code on the target system if the system exposes the service to the network.

All Siemens Healthineers products from all business lines have been evaluated. Most Siemens Healthineers products are not affected by the vulnerabilities because they do not provide the option to activate the Remote Desktop Service, implement other controls that mitigate the vulnerabilities, use a version of Microsoft Windows that is not affected, or are not based on Microsoft Windows.

This advisory provides a full list of affected products from Siemens Healthineers and provides recommendations to mitigate the vulnerabilities.