OTPulse

B. Braun Battery Pack SP with Wi-Fi

Monitor | 5.5 | ICS-CERT ICSMA-23-103-01 | Apr 18, 2023
Attack Vector: Network
Auth Required: High
Complexity: Low
User Interaction: None needed
Summary

B. Braun Battery Pack SP with Wi-Fi contains a code execution vulnerability (CWE-95) in software versions 053L000091/054U000091 and 053L000092/054U000092 (serial numbers 138853 and higher). A sophisticated authenticated attacker with network access to the Wi-Fi interface could upload arbitrary files, escalate privileges, and execute code on the device. This could interrupt communication between the infusion pump and hospital systems, preventing the pump from receiving medication orders from EMR/PDMS systems, receiving drug library updates, or communicating with DoseTrac dosing software. The infusion pumps themselves are not directly affected, but network communication disruption could prevent these essential clinical features from functioning.

What this means
What could happen
An authenticated attacker could execute arbitrary code on the battery pack Wi-Fi module, potentially disrupting network communication and preventing the infusion pump from receiving medication orders or library updates from hospital systems.
Who's at risk
Hospital facilities using B. Braun Battery Pack SP infusion pumps with Wi-Fi capability, particularly those relying on automated medication order delivery from EMR/PDMS systems and drug library updates. This affects clinical staff and medication administration workflows.
How it could be exploited
An attacker with valid credentials (engineering or maintenance access) and network access to the battery pack's Wi-Fi interface could upload malicious files and escalate privileges to execute arbitrary code on the device. This could allow them to intercept or block communication between the pump and hospital medication systems.
Prerequisites
  • Valid engineering or maintenance credentials for the battery pack
  • Network access to the battery pack Wi-Fi interface
  • Physical or network proximity to the device
requires high-privilege credentials · network-accessible device · could disrupt medication delivery · affects hospital safety systems · code execution capability
Exploitability
Low exploit probability (EPSS 0.7%)
Affected products (1)
Product: Battery pack SP with WIFI: using software 053L000091 (global) / 054U000091 (U.S.) and 053L000092 (global) / 054U000092 (U.S.): SN 138853 and higher
Affected Versions: 053L000091 (global) / 054U000091 (U.S.) and 053L000092 (global) / 054U000092 (U.S.)
Fix Status: No fix yet
Remediation & Mitigation
Do now
WORKAROUND: Monitor infusion pump network communications for disruptions; have fallback procedures if EMR/PDMS orders or drug library updates fail to transmit
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update battery pack SP with Wi-Fi firmware from version 053L000091/054U000091 or 053L000092/054U000092 to version 053L000093/054U000093 (global/U.S. versions respectively)
HOTFIX: If operating in Canada with global (non-U) software versions, follow remediation guidance for global version updates
Long-term hardening
HARDENING: Implement network segmentation and access controls to restrict Wi-Fi interface access to authorized personnel only
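
An added example (not part of the advisory or any vendor tooling): triaging a battery pack inventory export against the software versions and serial threshold listed above, so units still needing the update can be scheduled. The CSV column names, asset tags and sample rows are constructed assumptions; the version strings and serial number 138853 come from this page.

```python
import csv
import io
import re

# Values taken from the advisory text above.
AFFECTED = {"053L000091", "054U000091", "053L000092", "054U000092"}
UPDATED = {"053L000093", "054U000093"}
MIN_AFFECTED_SN = 138853

# Constructed sample inventory export; column names are assumptions.
SAMPLE_CSV = """asset_tag,serial,software
WARD3-BP-01,138852,053L000091
WARD3-BP-02,138853,053L000092
ICU-BP-07,SN-140210,054u000091
ICU-BP-08,141002,054U000093
ER-BP-11,unknown,053L000092
ER-BP-12,150000,053L000090
"""

def parse_serial(raw):
    """Return the serial as an int, or None if it is not a plain number
    (an optional 'SN' prefix is tolerated)."""
    m = re.fullmatch(r"(?:SN[-\s]?)?(\d+)", raw.strip(), re.IGNORECASE)
    return int(m.group(1)) if m else None

def classify(serial_raw, software_raw):
    """Map one inventory row to a triage status for ICSMA-23-103-01."""
    software = software_raw.strip().upper()
    if software in UPDATED:
        return "updated"
    if software not in AFFECTED:
        return "not-listed"        # version not named in the advisory
    serial = parse_serial(serial_raw)
    if serial is None:
        return "verify-serial"     # affected software, serial unreadable
    return "affected" if serial >= MIN_AFFECTED_SN else "below-serial-range"

def triage(csv_text):
    """Return {asset_tag: status} for every row of the inventory export."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["asset_tag"]: classify(r["serial"], r["software"]) for r in rows}

if __name__ == "__main__":
    for tag, status in triage(SAMPLE_CSV).items():
        print(f"{tag:12} {status}")
```

Rows reported as verify-serial or not-listed need a manual check against the device label rather than being treated as clear.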