
Remote Code Execution on the Smiths Medical Medfusion 4000 - 68c12c16
https://github.com/sgayou/medfusion-4000-research/blob/master/doc/README.md
======
exikyut
It's so sad to me to see that this only has 5 points over 8 hours, and no
comments.

This is remarkably well-written, goes into a very reasonable amount of depth
(only eliding context-specifically sensitive material) and demonstrates an
appropriate level of thoroughness. Most importantly it highlights the critical
significance of further research into medical devices.

Last time I happened to be in an ER triage unit I remember noting that the
blood pressure monitors decidedly _weren't_ networked, and they verified the
pulse measurements manually (by counting) as well.

It's clear that BP/pulse is such an important measurement that strict
redundancy is the standard, but IMO it would be awesome to see the same
attitude applied to the manufacturing stages of all devices in medical
environments.

------
brokenmachine
Wow, great writeup and very interesting but I wish I was smart enough to
understand all the stuff happening in this.

