BPL Medical Technologies PWS-01-BT and BPL Be Well Android Application
4.6 · ICS-CERT ICSMA-24-254-01 · Sep 10, 2024
Attack Vector: Adjacent
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
CWE-319 (Cleartext Transmission of Sensitive Information). The BPL Be Well Android Application (version 3.64 and earlier) and PWS-01-BT device transmit sensitive health information without adequate encryption, allowing an attacker on the same local network to intercept and modify patient data in transit. BPL Medical Technologies has not provided a patch and does not plan to mitigate this vulnerability. The vulnerability is not remotely exploitable and requires the attacker to be on the adjacent network segment.
What this means
What could happen
An attacker on the same local network could intercept and modify data being transmitted by the BPL Be Well app or PWS-01-BT device, potentially altering patient information or health monitoring data in transit.
Who's at risk
Healthcare facilities using BPL's Be Well mobile app for patient monitoring and the PWS-01-BT wearable device. This affects any clinical setting where patient vital signs or health data are transmitted wirelessly or over networks, including remote patient monitoring programs and hospital systems relying on this app for health data collection.
How it could be exploited
An attacker must be on the same local network (adjacent network segment) as the device or app and can then intercept unencrypted or weakly encrypted communications. This could involve passive eavesdropping or a man-in-the-middle position that modifies transmitted data. No authentication is required, and the only user interaction needed is the user's normal use of the app.
Prerequisites
- Attacker positioned on the same local network or adjacent segment as the Be Well app or PWS-01-BT device
- Ability to perform network traffic interception (e.g., ARP spoofing, network sniffing tools)
- No authentication required to intercept communications
Key points:
- No patch available from vendor
- Affects patient health data integrity
- Local network access required, but easy to achieve in a healthcare environment with multiple wireless networks
- No authentication required to intercept
Exploitability
Moderate exploit probability (EPSS 3.1%)
Affected products (2)
2 EOL
Product | Affected Versions | Fix Status
Be Well Android Application | ≤ 3.64 | No fix (EOL)
PWS-01-BT | All versions | No fix (EOL)
Remediation & Mitigation
Do now
HARDENING: Isolate the PWS-01-BT device and systems running the Be Well app from internet-facing networks and place them behind a firewall
HARDENING: Segment the network so the medical device/app is on a separate network from business systems and the internet
WORKAROUND: Contact BPL Medical Technologies support to request guidance on available mitigations and a timeline for security updates
Schedule (requires maintenance window)
Note: Patching may require a device reboot; plan for process interruption
HARDENING: If remote access is required, implement a VPN with current security patches and strong authentication
HARDENING: Perform an encryption audit on all communications from the Be Well app and PWS-01-BT to ensure all sensitive data is encrypted in transit (TLS 1.2 or higher)
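The encryption audit in the last item can be partly scripted. The Python below is an added example, not part of the advisory and not BPL's code: it takes application-layer payload bytes exported from a packet capture, decides whether each is a TLS record or cleartext, reads the negotiated version from a ServerHello (including the TLS 1.3 supported_versions extension), and flags cleartext payloads carrying health fields or sessions negotiated below TLS 1.2. The field names, the sample payloads and the host name are constructed assumptions, not observed Be Well or PWS-01-BT traffic.

```python
# Added example (not from the advisory): classify captured application payloads
# as TLS or cleartext and flag anything below the TLS 1.2 floor named above.
# Packet capture itself is out of scope; feed in TCP payload bytes from your
# capture tool. Every sample payload here is constructed for illustration.
import string

TLS_VERSION_NAMES = {
    0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1",
    0x0303: "TLS 1.2", 0x0304: "TLS 1.3",
}
MIN_ACCEPTABLE = 0x0303  # TLS 1.2

# Assumed field names for health data; adjust to the app's real schema.
SENSITIVE_FIELDS = ("patient_id", "heart_rate", "spo2", "blood_pressure", "temperature")
PRINTABLE = set(bytes(string.printable, "ascii"))


def is_tls_record(payload: bytes) -> bool:
    """True if the bytes start with a plausible TLS record header."""
    return (len(payload) >= 5
            and payload[0] in (0x14, 0x15, 0x16, 0x17)  # CCS, alert, handshake, app data
            and payload[1] == 0x03 and payload[2] <= 0x04)


def negotiated_tls_version(payload: bytes):
    """Version selected in a ServerHello (honours supported_versions, 0x002b);
    None if the payload is not a ServerHello record."""
    if not is_tls_record(payload) or payload[0] != 0x16 or len(payload) < 11 or payload[5] != 0x02:
        return None
    body = payload[9:]                       # skip record (5) + handshake (4) headers
    version = int.from_bytes(body[0:2], "big")
    pos = 2 + 32                             # legacy_version + random
    if len(body) <= pos:
        return version
    pos += 1 + body[pos]                     # session_id
    pos += 2 + 1                             # cipher_suite + compression_method
    if len(body) < pos + 2:
        return version                       # no extensions block present
    ext_end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    while pos + 4 <= min(ext_end, len(body)):
        ext_type = int.from_bytes(body[pos:pos + 2], "big")
        ext_len = int.from_bytes(body[pos + 2:pos + 4], "big")
        pos += 4
        if ext_type == 0x002B and ext_len == 2:
            return int.from_bytes(body[pos:pos + 2], "big")
        pos += ext_len
    return version


def looks_like_cleartext(payload: bytes) -> bool:
    """Heuristic: nearly every byte is printable ASCII."""
    return bool(payload) and sum(b in PRINTABLE for b in payload) / len(payload) >= 0.95


def sensitive_fields_in(payload: bytes) -> list:
    text = payload.decode("ascii", errors="replace").lower()
    return [f for f in SENSITIVE_FIELDS if f in text]


def audit_payload(payload: bytes) -> dict:
    """Return a finding with verdict 'ok', 'warn' or 'fail' for one payload."""
    if is_tls_record(payload):
        version = negotiated_tls_version(payload)
        if version is None:
            return {"kind": "tls", "version": None, "verdict": "ok", "fields": [],
                    "note": "TLS record; version not visible in this message"}
        name = TLS_VERSION_NAMES.get(version, hex(version))
        bad = version < MIN_ACCEPTABLE
        return {"kind": "tls", "version": name, "verdict": "fail" if bad else "ok",
                "fields": [], "note": "below TLS 1.2" if bad else ""}
    if looks_like_cleartext(payload):
        fields = sensitive_fields_in(payload)
        note = ("sensitive fields in cleartext: " + ", ".join(fields)) if fields else "cleartext, no known sensitive fields"
        return {"kind": "cleartext", "version": None, "verdict": "fail" if fields else "warn",
                "fields": fields, "note": note}
    return {"kind": "binary", "version": None, "verdict": "warn", "fields": [],
            "note": "non-TLS binary data; check whether the protocol encrypts"}


def build_server_hello(legacy_version: int, selected_version=None) -> bytes:
    """Construct a minimal ServerHello record (sample data for the audit)."""
    exts = b""
    if selected_version is not None:   # TLS 1.3 carries the real version here
        exts = (0x002B).to_bytes(2, "big") + (2).to_bytes(2, "big") + selected_version.to_bytes(2, "big")
    body = (legacy_version.to_bytes(2, "big") + bytes(32) + b"\x00"   # random, empty session id
            + b"\xc0\x2f" + b"\x00" + len(exts).to_bytes(2, "big") + exts)
    handshake = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16" + min(legacy_version, 0x0303).to_bytes(2, "big") + len(handshake).to_bytes(2, "big") + handshake


# Constructed samples: one cleartext upload and three TLS handshakes.
SAMPLES = {
    "app_upload": (b"POST /api/vitals HTTP/1.1\r\nHost: example.invalid\r\n"
                   b"Content-Type: application/json\r\n\r\n"
                   b'{"patient_id":"P-0001","heart_rate":72,"spo2":98}'),
    "tls10_server": build_server_hello(0x0301),
    "tls12_server": build_server_hello(0x0303),
    "tls13_server": build_server_hello(0x0303, 0x0304),
}


def audit(samples: dict) -> dict:
    return {name: audit_payload(p) for name, p in samples.items()}


if __name__ == "__main__":
    for name, f in audit(SAMPLES).items():
        print(f"{name:14} {f['verdict']:5} {f['kind']:10} {f['version'] or '-':8} {f['note']}")
```

Run it on real captures by replacing SAMPLES with payloads exported from your capture tool; a "fail" on the app's upload path is the evidence to bring to the vendor conversation in the WORKAROUND item, and a "warn" on binary data means the protocol needs manual review rather than being assumed encrypted.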
CVEs (1)