SOOIL Dana Diabecare RS Products
Plan: Patch | Score: 7.6 | ICS-CERT ICSMA-21-012-01 | Jan 12, 2021
Attack Vector: Adjacent
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
SOOIL's Dana Diabecare RS insulin pump and its companion AnyDana-A and AnyDana-i mobile applications contain multiple authentication and cryptographic weaknesses, including use of hard-coded credentials (CWE-798), insufficiently protected credentials (CWE-522), use of insufficiently random values (CWE-330) and use of client-side authentication (CWE-603). An attacker within wireless range of the pump can exploit them to read sensitive therapy data, bypass pairing authentication, change insulin delivery settings including bolus and basal rates, or cause the pump to malfunction. Because the pump controls drug delivery, these flaws bear directly on patient safety.
What this means
What could happen
An attacker could modify insulin delivery settings, alter therapy parameters, or disable the pump, creating immediate risk to patient safety. Affected devices also have weak authentication and encryption allowing unauthorized access to sensitive medical data.
Who's at risk
Patients using SOOIL Dana Diabecare RS insulin pumps and caregivers using the AnyDana-A or AnyDana-i mobile applications. While not traditional OT, these are medical devices that control critical drug delivery; unauthorized modification poses direct patient safety risk. Healthcare facilities managing diabetic patients and home care settings are affected.
How it could be exploited
An attacker within wireless (Bluetooth) range of the pump, or of the phone running the AnyDana application, could use the hard-coded credentials and the weak, client-side authentication to pair with the pump without authorization. Once paired, the attacker could read or modify insulin dosing parameters, including bolus amounts and basal rates, or crash the pump to cause a denial of service.
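To make the weakness classes named above concrete, here is an added illustrative example (not the page's material and not SOOIL's actual pairing protocol, whose details are not published here). It models a generic device-to-controller pairing in two forms: a weak one that combines a key shared by every unit (CWE-798), a challenge drawn from a seeded PRNG (CWE-330) and a pairing result decided by the controller rather than the device (CWE-603), and a hardened one that uses a CSPRNG nonce, a per-device key, device-side HMAC verification and replay rejection. All keys, seeds and message shapes are constructed for the example.

```python
"""Generic weak-vs-hardened pairing sketch for the CWE classes in the advisory.
Constructed illustration only; it is not the Dana Diabecare RS / AnyDana protocol."""
import hashlib
import hmac
import random
import secrets

# Constructed example of a secret baked into every unit (CWE-798).
HARDCODED_KEY = b"0000"


class WeakDevice:
    """Pairing that can be bypassed: shared hard-coded key, challenge from a
    seeded PRNG (CWE-330), and the device trusts the controller's own claim
    that authentication succeeded (CWE-603, client-side authentication)."""

    def __init__(self):
        self.rng = random.Random(1234)  # fixed seed: attacker can reproduce the stream
        self.paired = False

    def challenge(self) -> bytes:
        return self.rng.getrandbits(32).to_bytes(4, "big")

    def finish(self, controller_says_ok: bool) -> bool:
        self.paired = controller_says_ok  # verification lives on the client side
        return self.paired


class HardenedDevice:
    """Pairing verified on the device: CSPRNG nonce, per-device key, HMAC
    response checked in constant time, and each nonce usable only once."""

    def __init__(self, device_key: bytes):
        self.device_key = device_key  # assumed per-unit key provisioned at manufacture
        self.outstanding = None
        self.used = set()
        self.paired = False

    def challenge(self) -> bytes:
        self.outstanding = secrets.token_bytes(16)  # unpredictable 128-bit nonce
        return self.outstanding

    def finish(self, nonce: bytes, response: bytes) -> bool:
        # Reject anything that is not the live challenge or was seen before (replay).
        if nonce != self.outstanding or nonce in self.used:
            self.paired = False
            return False
        self.used.add(nonce)
        self.outstanding = None
        expected = hmac.new(self.device_key, nonce, hashlib.sha256).digest()
        self.paired = hmac.compare_digest(expected, response)
        return self.paired


def controller_response(key: bytes, nonce: bytes) -> bytes:
    """What a controller that really holds the device key sends back."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def attack_weak_device():
    """Attacker predicts the challenge (known seed) and then simply asserts success."""
    dev = WeakDevice()
    predicted = random.Random(1234).getrandbits(32).to_bytes(4, "big")
    actual = dev.challenge()
    return predicted == actual, dev.finish(True)


def attack_hardened_device():
    """Same attacker against the hardened device, guessing the shared key."""
    dev = HardenedDevice(secrets.token_bytes(16))  # real key unknown to the attacker
    nonce = dev.challenge()
    return dev.finish(nonce, controller_response(HARDCODED_KEY, nonce))


def legitimate_then_replay():
    """A genuine pairing succeeds; replaying the captured exchange does not."""
    key = secrets.token_bytes(16)
    dev = HardenedDevice(key)
    nonce = dev.challenge()
    resp = controller_response(key, nonce)
    first = dev.finish(nonce, resp)
    dev.challenge()                 # device issues a fresh challenge later
    replay = dev.finish(nonce, resp)  # attacker replays the sniffed (nonce, resp)
    return first, replay


if __name__ == "__main__":
    print("weak device:     predicted challenge, paired =", attack_weak_device())
    print("hardened device: key-guess attack paired     =", attack_hardened_device())
    print("hardened device: legit, replay               =", legitimate_then_replay())
```

The point of the contrast is that moving the accept/reject decision onto the device, feeding it an unpredictable nonce and a key that differs per unit removes all three of the modelled bypasses at once; the replay check is what the capture-and-replay weakness class requires on top.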
Prerequisites
- Physical proximity (wireless range) to the insulin pump or to the phone running AnyDana
- Wireless access to the Dana Diabecare RS pump or the AnyDana-enabled smartphone/controller
- No valid user credentials required: authentication bypass vulnerabilities are present
- Pump firmware, or AnyDana-A / AnyDana-i application, at a version prior to 3.0
- Affects safety-critical medical devices
- No authentication required for exploitation
- Weak encryption and hard-coded credentials
- Low-complexity attack: wireless proximity is sufficient
- All versions prior to 3.0 are affected; the fix is version 3.0
- Default or bypassable authentication mechanisms
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (3)
3 with fix
Product | Affected Versions | Fix Status
Dana Diabecare RS | All versions < 3.0 | Fixed in 3.0
AnyDana-A | All versions < 3.0 | Fixed in 3.0
AnyDana-i | All versions < 3.0 | Fixed in 3.0
Remediation & Mitigation
Do now
HOTFIX: Update Dana Diabecare RS insulin pump firmware to version 3.0 or higher
HOTFIX: Update the AnyDana-A application to version 3.0 or higher
HOTFIX: Update the AnyDana-i application to version 3.0 or higher
WORKAROUND: Enable Airplane Mode on the Dana Diabecare RS pump as a temporary workaround if the firmware update cannot be applied immediately
HARDENING: Maintain strict physical control and supervision of the insulin pump; do not leave it unattended in public or unsecured locations
HARDENING: Do not pair the pump with unauthorized third-party devices or applications
HARDENING: Monitor pump notifications and alerts closely for any unexpected behavior or unintended bolus deliveries
CVEs (9)