In each of the following cases, the FDA is not aware of any patient injuries or deaths associated with cybersecurity incidents, nor are we aware that any specific devices or systems in clinical use have been purposely targeted. However, left unpatched or otherwise mitigated, these vulnerabilities could allow unauthorized users to access, control, and issue commands to compromised devices, potentially leading to patient harm. Health care facilities can reduce the risk of unauthorized access by implementing recommendations in the safety communications and alerts listed below.

PATCHED USB.Block.v1.3.0.iso

2ff7e9595c