BD Pyxis MedStation and Pyxis Anesthesia (PAS) ES System
Status: Monitor
Severity score: 6.8
Source: ICS-CERT ICSMA-20-091-01
Published: Mar 31, 2020
Attack Vector: Physical
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
BD Pyxis MedStation and Pyxis Anesthesia (PAS) ES System version 1.6.1 use kiosk mode to restrict users to the medication dispensing interface. This kiosk mode is vulnerable to local breakout attacks: an attacker with physical access can escape the restricted interface and reach the underlying operating system, potentially viewing or modifying sensitive medication data, patient records, and system configuration. Weakness class: CWE-693 (Protection Mechanism Failure).
What this means
What could happen
An attacker with physical access to a Pyxis MedStation or Anesthesia system could escape the kiosk mode interface and access the underlying operating system, allowing them to view, modify, or delete medication records and operational data.
Who's at risk
Healthcare facilities using BD Pyxis MedStation or Pyxis Anesthesia ES System should care about this vulnerability. This affects pharmacy staff, anesthesia technicians, and any clinical personnel who manage medication dispensing and inventory through these devices. The risk is highest in unsecured areas where the devices may be left unattended or accessible to visitors.
How it could be exploited
An attacker with physical access to the device can perform a kiosk mode breakout because the kiosk application is weakly isolated from the underlying operating system. Once outside the kiosk, they can access files and system resources directly, including sensitive medication and patient data stored locally on the device.
Prerequisites
- Physical access to the Pyxis MedStation or Pyxis Anesthesia ES System
- Device must be in normal operation (no authentication bypass needed once physical access is obtained)
Tags: Requires physical access · No patch available · Low complexity attack · Affects healthcare operations
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (2), 2 pending fix
Product: Pyxis Anesthesia (PAS) ES System v1.6.1
  Affected versions: 1.6.1
  Fix status: No fix yet
Product: Pyxis MedStation ES System v1.6.1
  Affected versions: 1.6.1
  Fix status: No fix yet
Remediation & Mitigation
Do now
HARDENING: Implement physical security controls: restrict physical access to Pyxis MedStation and Anesthesia devices to authorized pharmacy and clinical staff only. Use locked enclosures or secured mounting in controlled areas.
WORKAROUND: Conduct an audit of access logs on affected devices to detect any signs of unauthorized physical tampering or kiosk escape attempts.
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Monitor for and deploy the BD security update, when available, that strengthens kiosk mode and restricts access to local system resources.
Long-term hardening
HARDENING: Implement environmental surveillance (cameras, access logs) near Pyxis devices to detect and deter physical tampering.
CVEs (1)