Swisslog Healthcare Translogic PTS

Act Now9.8ICS-CERT ICSMA-21-215-01Aug 3, 2021

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

The Swisslog Healthcare Translogic PTS Nexus Control Panel contains multiple vulnerabilities that could allow an attacker to gain control of the device, escalate privileges, or execute arbitrary code. Affected versions are prior to 7.2.5.7. The vulnerabilities include default credentials (CWE-259), insufficient access controls (CWE-250), integer underflows (CWE-191), buffer overflows (CWE-787), weak authentication mechanisms (CWE-287), and untrusted code execution (CWE-494).

What this means

What could happen

An attacker with network access could take full control of the Translogic PTS Nexus Control Panel, potentially disrupting hospital pharmacy automation systems, altering medication routing or dispensing, or halting operations entirely.

Who's at risk

Hospital pharmacy operations teams and IT managers operating Swisslog Healthcare Translogic PTS systems with Nexus Control Panels. This affects automated medication dispensing, routing, and inventory management in hospital pharmacies.

How it could be exploited

An attacker can reach the Nexus Control Panel over the network, exploit authentication weaknesses (including default credentials) or buffer overflow conditions to gain unauthenticated remote code execution, and then execute arbitrary commands with elevated privileges on the control panel.

Prerequisites

Network access to Nexus Control Panel on its management port
Device running vulnerable version (prior to 7.2.5.7)
Default credentials may be in use or weak authentication may be configured

remotely exploitableno authentication requiredlow complexityaffects critical healthcare operationsdefault credentialsno patch available for at least one vulnerability

Exploitability

Moderate exploit probability (EPSS 7.6%)

Affected products (1)

ProductAffected VersionsFix Status

Nexus Control Panel:< 7.2.5.77.2.5.7

Remediation & Mitigation

0/4

Do now

0/4

HOTFIXUpgrade Nexus Control Panel to version 7.2.5.7 or later as soon as it becomes available

HARDENINGImplement network segmentation to restrict access to the Nexus Control Panel from untrusted networks; allow access only from authorized pharmacy workstations and engineering endpoints

HARDENINGChange any default credentials on the Nexus Control Panel to strong, unique passwords and disable unnecessary accounts

WORKAROUNDDeploy network monitoring to detect and block exploitation attempts targeting known vulnerable endpoints

CVEs (8)

CVE-2021-37163 CVE-2021-37167 CVE-2021-37161 CVE-2021-37162 CVE-2021-37165 CVE-2021-37164 CVE-2021-37166 CVE-2021-37160

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/e3c965d5-e999-4700-8682-9c508a5f0368