Vigilant Ops Insight Is a Cloud-Based Platform for Creating, and Automatically Maintaining, Medical Device Cybersecurity Bill of Materials
Total Page:16
File Type:pdf, Size:1020Kb
Cybersecurity Command Center Booth 400 – 114 Vigilant Ops Insight is a cloud-based platform for creating, and automatically maintaining, medical device Cybersecurity Bill of Materials File Help Jane Doe Jane Doe Status: Basic UPGRADE Status: Premium UPGRADE DASHBOARD > CARDIOSTART XL > MICROSOFT SILVERLIGHT Welcome to the CVE-2017-0283 Cybersecurity Bill of Materials Generator Review Cybersecurity Bill of Materials Doesn’t look right? Click here to upload a different CBOM. Current Description CVSS Severity Now generating a CBOM for any device is as easy, as well… 1, 2, 3! Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, v3.0: 8.8 High Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, v2.0: 9.3 High 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for Business 2016, Device Name Model Version Operating System Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows, Capture RTC CAP-RTC 3.0.1 Windows 8 and Microsoft Silverlight 5 when installed on Microsoft Windows allows a remote Device Description code execution vulnerability due to the way it handles objects in memory, aka Device allows doctors to see inside the body. It uses a combination of X-rays and a computer to create pictures of your "Windows Uniscribe Remote Code Execution Vulnerability". organs, bones, and other tissues. This CVE ID is unique from CVE-2017-8528. Impact Software Name Version Component CPE Adobe Silverlight 5.1.1.25 Discovered SCAN YOUR REVIEW SAVE YOUR CVSS v3.0 Severity and Metrics CVSS v2.0 Severity and Metrics CANCEL 1 DEVICE 2 COMPONENTS 3 CBOM Base Score: 8.8 HIGH Base Score: 9.3 HIGH Google Google Chrome 71.0.3578.98 Discovered Vector:AV:N/AC:L/PR:N/UI:R (V3.0 legend) Vector:(AV:N/AC:M/Au:N/C:C (V2 legend) Impact Score:5.9 Impact Score:10.0 Google Silverlight 5.1.1.25 Discovered Exploitability Score:2.8 Exploitability Score:8.6 Oracle Java 8 Update 191 8.0.1910.12 Discovered Attack Vector (AV):Network Attack Vector (AV):Network Attack Complexity (AC):Low Attack Complexity (AC):Medium McAfee Silverlight 5.1.1.25 Discovered Privileges Required (PR):None Authentication (AU):None CREATE CBOM User Interaction (UI):Required Confidentiality (C):Complete Microsoft Silverlight 5.1.1.25 Manually Added Scope (S): Unchanged Integrity (I):Complete Confidentiality (C):High Availability (A):High Integrity (I):High Additional Information: Date Generated Availability (A):High Victim must voluntarily interact with attack mechanism 24 Sep 2019 Allows unauthorized disclosure of information Allows unauthorized modification Allows disruption of service CANCEL BACK CONTINUE Launch the Vigilant Ops Insight CBOM Generator to Vigilant OpsMo Insightre Details platform searches the NVD database Automated creation and continuous maintenance of CBOMs generate CBOMs in a few easy steps to matchTo view more details on CVEs this software component for vulnerability, softwa visit the Nationalre Vulnerability comp Database onent. s Vigilant Ops Insight monitors sources of vulnerability data and translates disparate information into real-time actionable insight! 100% 81% Percentage of medical device Increase in vulnerabilities in manufacturers responsible for third-party components in 2019 monitoring the security of third- compared to the previous year. party software components utilized in their devices. Get In Touch Vigilant Ops, Inc. www.vigilant-ops.com 8085 Saltsburg Rd. [email protected] Pittsburgh, PA 15239 (412) 889-7085.