.NET 6.0 and Visual Studio Vulnerability
Published: Sept. 30, 2024
Description
.NET 6.0 and Visual Studio Denial of Service Vulnerability
CVE-ID and Link: CVE-2024-38095 NVD – CVE-2024-38095 (nist.gov)
Affected Product(s): Vitrea® Advanced Visualization
Version(s): 7.15.7, 7.15.7.SU01, 7.15.8, 7.15.8.SU01, 7.16.0, 7.16.0.SU01, 7.16.0.SU02, 7.16.0.SU03
Deployment Type(s): All
Note: For enterprise systems, this action is necessary for all servers with the affected Vitrea application versions. It is not required for thin client systems.
Recommended Actions
Canon Medical highly recommends that customers manually download and update the Microsoft runtime versions.
Updates can be found here:
https://dotnet.microsoft.com/en-us/download/dotnet/6.0
Install the latest versions of the following: ASP.NET Core Runtime, .NET Desktop Runtime, .NET Runtime
To confirm the updated runtimes are installed, from a PowerShell console, issue the following command:
dotnet --list-runtimes
Verify that you see the expected (matching) version of all three runtimes:
- Microsoft.AspNetCore.App
- Microsoft.NETCore.App
- Microsoft.WindowsDesktop.App
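As an added example (not Canon Medical's or Microsoft's code), the PowerShell function below parses the output of the runtime listing command and reports whether all three runtimes are present on the 6.0 line at the same patch version. The function name, its parameters and the sample output lines are constructed for illustration; pass the version you installed as -ExpectedVersion.

```powershell
# Added example: evaluates the runtime listing against the three runtimes
# named in the advisory. Names below are hypothetical, not vendor code.
function Test-DotNet6Runtimes {
    param(
        # Lines exactly as printed by the runtime listing command
        [Parameter(Mandatory)][AllowEmptyString()][string[]]$RuntimeLines,
        # Optional: the 6.0.x version you downloaded and installed
        [version]$ExpectedVersion
    )

    $required = 'Microsoft.AspNetCore.App', 'Microsoft.NETCore.App', 'Microsoft.WindowsDesktop.App'
    $newest = @{}

    foreach ($line in $RuntimeLines) {
        # Line format: <runtime name> <version> [<install path>]
        # Preview builds (version with a -suffix) do not match and are skipped.
        if ($line -match '^(?<name>\S+)\s+(?<ver>\d+\.\d+\.\d+)\s+\[') {
            $name = $Matches['name']
            $ver  = [version]$Matches['ver']
            # Only the 6.0 line matters here; side-by-side 7.x/8.x installs are ignored.
            if ($required -contains $name -and $ver.Major -eq 6 -and $ver.Minor -eq 0) {
                if (-not $newest.ContainsKey($name) -or $ver -gt $newest[$name]) {
                    $newest[$name] = $ver
                }
            }
        }
    }

    $missing  = @($required | Where-Object { -not $newest.ContainsKey($_) })
    $distinct = @($newest.Values | Sort-Object -Unique)
    # "Matching" = all three runtimes found and their newest 6.0.x versions are identical
    $matching = ($missing.Count -eq 0) -and ($distinct.Count -eq 1)

    $pass = $matching
    if ($PSBoundParameters.ContainsKey('ExpectedVersion')) {
        $pass = $matching -and ($distinct[0] -eq $ExpectedVersion)
    }

    [pscustomobject]@{
        Newest6x = $newest     # runtime name -> newest installed 6.0.x version
        Missing  = $missing    # required runtimes with no 6.0.x install at all
        Matching = $matching
        Pass     = $pass
    }
}

# Constructed sample output: the ASP.NET Core runtime was not updated with the others.
$sample = @(
    'Microsoft.AspNetCore.App 6.0.30 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]'
    'Microsoft.NETCore.App 6.0.30 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]'
    'Microsoft.NETCore.App 6.0.33 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]'
    'Microsoft.WindowsDesktop.App 6.0.33 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]'
)
$result = Test-DotNet6Runtimes -RuntimeLines $sample
$result.Newest6x.GetEnumerator() | Sort-Object Name | Format-Table Name, Value -AutoSize
"Missing: $($result.Missing -join ', ')  Matching: $($result.Matching)  Pass: $($result.Pass)"

# On a real server, feed the live output instead of the sample:
#   Test-DotNet6Runtimes -RuntimeLines (dotnet --list-runtimes)
```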
Note: This issue will be fixed in a future release.
For questions, contact your account manager or support at +1 952-487-9519.
NVIDIA GPU Display Driver – Security Issue
Published July 26, 2024
NVIDIA has released the following security announcement about CVE-2024-0107:
https://nvidia.custhelp.com/app/answers/detail/a_id/5557
This applies to all users with NVIDIA RTX, Quadro, and Nvidia Data Center GPU (vGPU) cards in their Vitrea deployment(s).
Specific driver updates for the NVIDIA graphics cards are listed below:
RTX/Quadro (NVIDIA RTX, Quadro, NVS; Windows):
- R550: all driver versions prior to 552.74; updated driver version 552.74
- R535: all driver versions prior to 538.78; updated driver version 538.78
- R470: all driver versions prior to 475.14; updated driver version 475.14
Data Center vGPU:
- All versions up to and including 16.6 (driver 538.67); updated version 16.7 (driver 538.78)
- All versions up to and including 13.11 (driver 475.06); updated version 13.12 (driver 475.14)
To protect your system, download and install this software update through the NVIDIA Driver Downloads Portal or, for the vGPU software update, through the NVIDIA Licensing Portal.
NVIDIA Driver Download Portal – vGPU Data Center Driver Download Location:
https://www.nvidia.com/Download/index.aspx?lang-en-us
NVIDIA RTX Server Driver release DCH (Windows Server 2019, Windows Server 2022) 552.74
https://www.nvidia.com/download/driverResults.aspx/228842/en-us/
NVIDIA RTX Server Driver release DCH (Windows 10 64-bit, Windows 11) 552.74
https://www.nvidia.com/download/driverResults.aspx/228841/en-us/
NVIDIA RTX Server Driver release DCH (Windows Server 2019, Windows Server 2022) 538.78
https://www.nvidia.com/download/driverResults.aspx/229004/en-us/
NVIDIA RTX Server Driver release DCH (Windows 10 64-bit, Windows 11) 538.78
https://www.nvidia.com/download/driverResults.aspx/228843/en-us/
NVIDIA RTX Server Driver release Standard (Windows Server 2016) 475.14
https://www.nvidia.com/download/driverResults.aspx/228840/en-us/
For more information, contact CMI Customer Support at support@mi.medical.canon
Microsoft Component of SQL Server Management Studio (SSMS) – Security Vulnerability
Published: May 28, 2024
Description
Microsoft SQL Server Management Studio (SSMS) v18.12.1 installs an unnecessary software package called Azure Data Studio.
The Microsoft SSMS utility, installed by default in Vitrea AV, deploys an unnecessary software package “Azure Data Studio” that currently carries a high severity vulnerability regarding Improper Access Control (CVE-2024-26203).
Affected Product(s): Vitrea AV
Version(s): 7.16.0.SU01, 7.16.0, 7.15.8.SU01, 7.15.8, 7.15.7.SU01, 7.15.7, 7.15.6
Deployment Type(s): Workstation, Extend, Enterprise Management Server, Enterprise Single Server, Government Enterprise Single Server
Recommended Actions
Canon Medical highly recommends that customers manually remove Azure Data Studio by following these steps.
From the Start menu:
- Right-click the Start button on the task bar.
- Select ‘Apps and Features’ (Programs and Features on some Windows OSs).
- An Apps & Features window will open, and there will be a list of all installed software.
- Search or scroll through the list to find Azure Data Studio.
- Click on Azure Data Studio to highlight and to reveal an uninstall option.
- Click uninstall and then confirm to continue. You may be asked to authenticate with an admin-user account.
- A confirmation will appear once the software has been removed.
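To confirm the removal on each affected server, the added PowerShell example below (not Canon Medical's code) looks for a remaining uninstall entry in the standard Windows uninstall registry locations. The function name is hypothetical, and the display-name pattern 'Azure Data Studio*' is an assumption about how the package registers itself.

```powershell
# Added example: lists any uninstall entry whose display name matches the pattern.
# Function name and default pattern are assumptions made for this illustration.
function Get-AzureDataStudioInstall {
    param([string]$NamePattern = 'Azure Data Studio*')

    # Machine-wide (64-bit and 32-bit views) and current-user uninstall keys.
    # Per-user installs under other accounts are only visible when run as that user.
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )

    foreach ($root in $roots) {
        Get-ItemProperty -Path $root -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName -like $NamePattern } |
            Select-Object DisplayName, DisplayVersion, InstallLocation,
                @{ Name = 'RegistryKey'; Expression = { $_.PSPath -replace '^.*::', '' } }
    }
}

$found = @(Get-AzureDataStudioInstall)
if ($found.Count -eq 0) {
    'Azure Data Studio: no uninstall entry found'
} else {
    # Anything listed here means the package is still registered on this machine.
    $found | Format-List
}
```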
Note: This issue will be fixed in a future release.
For questions, contact your account manager or support at +1 952-487-9519.
NVIDIA GPU Display Driver – Security Advisory
Published April 13, 2024
SUMMARY
NVIDIA has provided the following Security Announcement:
NVIDIA has released a software security update for NVIDIA GPU Display Driver. This update addresses multiple issues.
The specific driver update for vGPU Data Center cards and Quadro video cards is 535.33 for Windows 10/11 and Windows Server 2019/2022, and 474.82 for Windows Server 2016. For vGPU Data Center cards, use the 16.4 driver bundle from the NVIDIA Driver Download Portal.
To protect your system, download and install this software update through the NVIDIA Driver Downloads Portal or, for the vGPU software update, through the NVIDIA Licensing Portal.
Impact assessment and details on these high severity vulnerabilities are available through the NVIDIA Security Advisory provided below.
REFERENCES AND SERVICES:
NVIDIA Security Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5520
NVIDIA Driver Download Portal – vGPU Data Center Driver Download Location
https://www.nvidia.com/Download/index.aspx?lang=en-us
NVIDIA Windows 10/11 DCH driver
https://www.nvidia.com/download/driverResults.aspx/220140/en-us/
NVIDIA Windows Server 2019/2022 DCH Driver
https://www.nvidia.com/download/driverResults.aspx/220141/en-us/
NVIDIA Windows Server 2016 Standard Driver
https://www.nvidia.com/download/driverResults.aspx/220534/en-us/
RESOLUTION
Canon Medical strongly recommends installing vendor patches and security updates as soon as possible.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
CVE-2022-38765 Vitrea View 7.x Indirect Object Access Vulnerability – Security Advisory
Published: December 9, 2022
An unscored (as of December 9, 2022) vulnerability, CVE-2022-38765, has been identified in Vitrea View versions prior to 7.8 that have custom patient SSO access enabled.
EXECUTIVE SUMMARY
was developed, tested, and applied in all affected systems within 48 hours.
Products that are not affected by this Vitrea View vulnerability:
- Vitrea Advanced Visualization
- Vitrea View 7.8 and above
- Vitrea Read (formerly known as Easy Viz)
- Vitrea Connection
- Rialto products
- Zillion products
- Solution Health (Cloud and On-Prem)
- Any Canon Medical modality
Products that are affected by CVE-2022-37461:
- Vitrea View (versions < 7.8)
RESOLUTION
If you have any questions, please contact our support team.
CVE-2022-37461 Vitrea View 7.x Cross-site Scripting Vulnerabilities – Security Advisory
Published: September 30, 2022
An unscored (as of September 30, 2022) vulnerability, CVE-2022-37461, has been identified in Vitrea View versions prior to 7.7.6.
EXECUTIVE SUMMARY
This vulnerability has two methods of attack – a “pre-authorization” exploit and a “post-authorization” exploit. Both exploits involve attackers creating URLs that point to vulnerable Vitrea View installations and which contain malicious code, and the “post-authorization” exploit also requires convincing an authenticated Vitrea View user to click on the malicious link.
This vulnerability was brought to Canon Medical’s attention as part of a routine penetration test in a testing environment, was fixed, and was included in Vitrea View 7.7.6, released April 29, 2022. No patient information was accessed or exfiltrated.
Products that are not affected by this Vitrea View vulnerability:
- Vitrea Advanced Visualization
- Vitrea View 7.7.6 and above
- Vitrea Read (formerly known as Easy Viz)
- Vitrea Connection
- Rialto products
- Zillion products
- Solution Health (Cloud and On-Prem)
- Any Canon Medical modality
Products that are affected by CVE-2022-37461:
- Vitrea View (versions < 7.7.6)
RESOLUTION
All customers currently running a version of Vitrea View 7.7.x prior to 7.7.6 should upgrade to the latest Vitrea View version.
Canon Medical recommends that all customers run Vitrea View behind a web application firewall and/or load balancer to provide additional layers of security as part of a “defense in depth” or “zero trust security” posture.
If you have any questions, please contact our support team.
Spring Framework “SpringShell” — Security Advisory
Published: April 07, 2022
Updated: May 30, 2023
Executive Summary
A critical vulnerability, CVE-2022-22965, has been identified in Spring Framework. This vulnerability is affecting the entire software industry, including some Canon Medical Informatics products. Specific combinations of Apache Tomcat and the Spring Boot executable are susceptible to a remote code execution (RCE) vulnerability.
Products that are not affected by SpringShell vulnerability:
- Vitrea Advanced Visualization (all versions prior to 7.14.x)
- Vitrea View
- Solution Health (Cloud and On-Prem)
- Easy Viz
- Zillion products
- Vitrea Connection
- Rialto products
Products that are affected by SpringShell vulnerability:
- Vitrea Advanced Visualization (7.15.x and 7.14.x)
Mitigation:
The recommended remediation for this vulnerability is included in the most recent version of the affected product, Vitrea AV.
If you have any questions, please contact our support team.
CVE-2022-0778 – OpenSSL Infinite Loop – Security Advisory
Published: March 15, 2022
Updated: March 22, 2022
VULNERABILITY SUMMARY
The custodians of OpenSSL have shipped patches to resolve a high-severity security flaw in its software library that could lead to a denial-of-service (DoS) condition when parsing certificates.
Tracked as CVE-2022-0778 the issue stems from parsing a malformed certificate with invalid explicit elliptic-curve parameters, resulting in what’s called an “infinite loop.” The flaw resides in a function called BN_mod_sqrt() that’s used to compute the modular square root.
REFERENCES AND SERVICES:
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://www.openssl.org/news/secadv/20220315.txt
https://www.cisa.gov/uscert/ncas/current-activity/2022/03/17/openssl-releases-security-updates
RESOLUTION
Canon Medical recommends taking OpenSSL updates as they are made available.
Please use the references above to determine which update is applicable to your OpenSSL deployment.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
Apache Log4j Security Vulnerabilities – Zero Day – Security Advisory
Published: December 12, 2021
Updated: March 1, 2022
Executive Summary
Critical vulnerabilities, CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832 have been identified in Apache Log4j, a popular Java based logging framework. This vulnerability is affecting the entire software industry, including some Canon Medical Informatics products. Apache Log4j 2.14.1 and below are susceptible to a remote code execution vulnerability where a remote attacker can take full control of a vulnerable machine. As such, it is critical to take immediate actions to mitigate this vulnerability.
Products that are not affected by Apache Log4j vulnerability:
- Vitrea View
- Vitrea Advanced Visualization 6.x
- Solution Health (Cloud)
- Easy Viz
- Zillion
- Rialto Connect and Rialto Vault
- Olea Sphere
- Applications integrated with Vitrea (iCAD, Invia, Medis, Mevis, Mirada, Olea and Tomtec) are not affected.
Products that are affected by Apache Log4j vulnerability:
- Vitrea Advanced Visualization 7.x
- Vitality XT server
- Vitrea Connection 8.x
- Rialto 7.x
- Solution Health (On-Prem)
- Vitrea DataStream
Recommended actions for mitigation:
External Network
- Update firewall configurations to block outbound connections on the LDAP port. Please contact your IT department to update your firewall configurations. As an example, please see the following industry-recommended mitigation.
- Patch the offending log4j libraries in affected products to remove the specific piece of code that enables the vulnerability.
Internal Network
- For Vitrea Advanced Visualization version 7.6.x, 7.7.x, 7.8.x, 7.9.x, 7.10.x, 7.11.x, 7.12.x, 7.14.x, 7.15.0, 7.15.1 products:
Please follow this link to download the mitigation instructions: https://www.mi.medical.canon/supportdownloads/AV-17122021A_CVE-2021-44228-E.zip
The latest update is a non-functional update. If your site has already run a previous version of this mitigation, running this latest version is unnecessary.
NOTE* – If you ran the mitigation prior to this update, you will need to run this updated/comprehensive script to mitigate the CVE-2021-44832 vulnerability.
- For Vitrea Connection 8.x, Rialto 7.x, Solution Health (On-Prem) products: Please contact customer support for assistance.
Please monitor this website for future updates.
If you have any questions, please contact our support team.
Microsoft Windows Installer Elevation of Privilege Vulnerability – Security Advisory
Update: Nov 9, 2021
Published: Nov 12, 2021
Microsoft continues to address this vulnerability involving Windows Installer elevation of privilege in Windows operating systems. Similar to the announcements in recent weeks, a new vulnerability has been discovered. Microsoft has yet to patch this vulnerability.
VULNERABILITY SUMMARY
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the Windows Installer service. By creating a junction, an attacker can abuse the service to delete a file or directory. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
RELATED LINKS
Nov 23, 2021
https://www.zerodayinitiative.com/advisories/ZDI-21-1308/
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41379
https://blog.talosintelligence.com/2021/11/attackers-exploiting-zero-day.html
Please continue to monitor these Microsoft links for relevancy to your systems and apply patches to your systems as they become available.
Microsoft Windows Print Spooler Remote Code Execution Vulnerability – Zero Day
Published: August 11, 2021
Microsoft continues to address multiple high severity vulnerabilities involving the print spooler in most Windows operating systems. Similar to the announcements in recent weeks, a new vulnerability has been discovered. Microsoft has yet to patch this vulnerability.
VULNERABILITY SUMMARY
A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Security patches have not been released as of the Patch Tuesday on August 10, 2021. Microsoft has provided a workaround within the link below.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36958
RELATED LINKS:
Jul 15, 2021
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34481
https://support.microsoft.com/en-us/topic/kb5005652-manage-new-point-and-print-default-driver-installation-behavior-cve-2021-34481-873642bf-2634-49c5-a23b-6d8e9a302872
Please continue to monitor these Microsoft links for relevancy to your systems and apply patches to your systems as they become available.
Microsoft Windows Print Spooler Remote Code Execution Vulnerability – Security Advisory
Update: August 13, 2021
Published: July 2, 2021
Microsoft has released a set of out-of-band updates to remediate these vulnerabilities. These patches are available at the link referenced below.
NOTE: Several vulnerability watchdog publications are challenging the comprehensive efficacy of the latest out-of-band updates released July 7, 2021 citing that similar high severity vulnerabilities remain outstanding. Microsoft has yet to respond to these allegations at the time of this update.
Please continue to monitor Microsoft updates on this evolving issue and follow the guidance as it becomes available.
VULNERABILITY SUMMARY
Microsoft has resolved the vulnerability called “PrintNightmare”, that affects Windows Print Spooler and has assigned CVE-2021-34527 to this vulnerability.
This vulnerability affects all Vitrea products that are installed on Windows server operating systems and Windows workstation operating systems.
Microsoft has now provided Windows updates to resolve this issue. Please install your Windows updates accordingly.
REFERENCES AND SERVICES:
Windows Print Spooler Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
RESOLUTION
Canon Medical recommends taking Windows Updates as they are available and checking back on this page for updates.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
NVIDIA GPU Display Driver – Security Advisory
Published: May 27, 2021
SUMMARY
NVIDIA has provided the following Security Announcement:
NVIDIA has released a software security update for NVIDIA GPU Display Driver. This update addresses multiple issues that may lead to code execution, denial of service, escalation of privileges, and information disclosure.
Specific driver update for vGPU and Quadro video cards is 452.96
To protect your system, download and install this software update through the NVIDIA Driver Downloads Portal or, for the vGPU software update, through the NVIDIA Licensing Portal.
Impact assessment and details on these high severity vulnerabilities are available through the NVIDIA Security Advisory provided below.
REFERENCES AND SERVICES:
NVIDIA Security Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5172
NVIDIA Driver Download Portal
https://www.nvidia.com/Download/index.aspx?lang=en-us
RESOLUTION
Canon Medical strongly recommends installing vendor patches and security updates as soon as possible.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
TOMTEC Vulnerability Disclosure 2021-0001 – Security Advisory
Published: May 17, 2021
VULNERABILITY SUMMARY
TOMTEC Imaging Systems GmbH has provided Canon Medical with a vulnerability disclosure.
The TOMTEC-ARENA product is integrated with Vitrea and therefore may affect your deployment if you have purchased TOMTEC-ARENA software.
Impact assessment and details on these vulnerabilities are available through the TOMTEC Vulnerability Disclosure provided below.
REFERENCES AND SERVICES:
TOMTEC Vulnerability Disclosure Information 2021-0001
https://www.vitalimages.com/wp-content/uploads/Vulnerability-Disclosure-Form-2021-0001.pdf
RESOLUTION
Canon Medical recommends updating to the latest version of Vitrea that will contain the TOMTEC-ARENA update once it has been released. Check back on this page for updated information.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
Adobe Flash Player EOL and Removal – Security Advisory
Published: January 13, 2021
Adobe stopped supporting Flash Player beginning December 31, 2020 (“EOL Date”), as previously announced in July 2017. In addition, to help secure users’ systems, Adobe blocked Flash content from running in Flash Player beginning January 12, 2021. Adobe strongly recommends all users immediately uninstall Flash Player to help protect their systems.
For removal of Adobe Flash plugin from Microsoft Internet Explorer, you may install the security patch by running Windows Update.
VULNERABILITY SUMMARY
Adobe Flash EOL
REFERENCES AND SERVICES:
Windows
Update for Removal of Adobe Flash Player for Windows can be found here: KB4577586
Adobe
Standalone
https://www.adobe.com/products/flashplayer/end-of-life.html
Enterprise
https://www.adobe.com/products/flashplayer/enterprise-end-of-life.html
For general information on Flash Player’s EOL, please see Adobe’s general FAQ.
RESOLUTION
Canon Medical strongly recommends following this software removal guidance and installing all security patches provided by Microsoft.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
CVE-2020-10713 ‘BootHole’ attack impacts Windows and Linux systems using GRUB2 and Secure Boot – Initial Security Advisory
Published: July 29, 2020
Updated: September 10, 2020
VULNERABILITY SUMMARY
Eclypsium researchers have discovered a vulnerability — dubbed “BootHole” — in the GRUB2 bootloader configuration file utilized by most Linux systems that can be used to gain arbitrary code execution during the boot process, even when Secure Boot is enabled. Attackers exploiting this vulnerability can install persistent and stealthy bootkits or malicious bootloaders that could give them near-total control over the victim device.
This configuration file is an external file commonly located in the EFI System Partition and can therefore be modified by an attacker with administrator privileges without altering the integrity of the signed vendor shim and GRUB2 boot loader executables. This could allow an authenticated, local attacker to modify the contents of the GRUB2 configuration file to ensure that the attacker’s chosen code is run before the operating system is loaded.
The vulnerability affects systems using Secure Boot, even if they are not using GRUB2. Almost all signed versions of GRUB2 are vulnerable, meaning virtually every Linux distribution is affected. In addition, GRUB2 supports other operating systems, kernels and hypervisors. The problem also extends to any Windows device that uses Secure Boot with the standard Microsoft Third Party UEFI Certificate Authority. Thus the majority of laptops, desktops, servers and workstations are affected.
Canon Medical is investigating this broad reaching vulnerability to define the scope of products affected and to determine a list of vendors providing relevant updates.
REFERENCES AND SERVICES:
System patching and mitigation guidance is provided by the following vendors:
HPE Servers:
HPE Security Bulletin: https://www.hpe.com/us/en/services/security-vulnerability.html
Impact statement: https://techhub.hpe.com/eginfolib/securityalerts/Boot_Hole/boot_hole.html
- A number of items listed within the Impact statement need updating, such as firmware updates for HPE Service Pack for ProLiant (SPP) and HPE Intelligent Provisioning.
Secure Boot DBX Updater for Windows and UEFI: https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-a00105191en_us
HP Workstations:
HP Workstations Security Bulletin: https://support.hp.com/us-en/document/c06655639
HP Workstations Security Bulletin: https://support.hp.com/us-en/document/c06707446
VMware:
VMware Bulletin: https://kb.vmware.com/s/article/80181
Dell Workstations:
Dell Security Bulletin:
Additional Information:
For more information and updates on the GRUB2 vulnerability, visit
NVD
https://nvd.nist.gov/vuln/detail/CVE-2020-10713
Carnegie Mellon
https://www.kb.cert.org/vuls/id/174059
RESOLUTION
Canon Medical recommends installing the applicable patches related to your deployment as soon as possible.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
CVE-2020-1472 – Netlogon Elevation of Privilege Vulnerability – Critical Advisory
Published: August 11, 2020
Microsoft Corporation has announced an elevation of privilege vulnerability that exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol.
VULNERABILITY SUMMARY
CVE-2020-1472 is an elevation of privilege vulnerability that exists in Windows’ Netlogon. An unauthenticated user could use MS-NRPC to connect to a domain controller as a domain administrator. An attacker who successfully exploits the vulnerability can run a specially crafted application on a device on the network.
Microsoft adds an important note to their advisory that this patch is the first of two patches to fix this vulnerability. The second patch is slated to be released in Q1 2021.
NOTE: Canon Medical is aware of this critical vulnerability and we are in the process of testing our products in the context of the Phase 1 patch.
REFERENCES AND SERVICES:
Microsoft encourages administrators to review the following resource(s) and apply the necessary patches to affected systems for Phase 1 of the update:
Microsoft CVE-2020-1472
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
RESOLUTION
Canon Medical strongly recommends installing vendor patches and updates as soon as possible.
Patches for all impacted versions can be found at the links in the References section above.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
“Ripple 20” – Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities – Critical Advisory
Published: June 16, 2020
The Department of Homeland Security and CISA ICS-CERT issued a critical security advisory warning covering multiple newly discovered vulnerabilities affecting Internet-connected devices manufactured by multiple vendors.
VULNERABILITY SUMMARY
A networking stack is a software component that provides network connectivity over the standard internet protocols. In this specific case these protocols include ARP, IP (versions 4 and 6), ICMPv4, UDP and TCP communications protocols. The Treck networking stack is used across a broad range of industries (medical, government, academia, utilities, etc.), from a broad range of device manufacturers – a fact which enhances their impact and scope, as each manufacturer needs to push an update for their devices independently of all others.
The impact of these vulnerabilities will vary due to the combination of build and runtime options used while developing different embedded systems. This diversity of implementations and the lack of supply chain visibility have exacerbated the problem of accurately assessing the impact of these vulnerabilities. In summary, a remote, unauthenticated attacker may be able to use specially-crafted network packets to cause a denial of service, disclose information, or execute arbitrary code.
NOTE: This is a hardware-centric suite of vulnerabilities. The “Ripple20” is not specific to Canon Medical software.
NOTE: Canon Medical has discovered that related vendor patching for this attack vector has extended beyond the 19 vulnerabilities identified in the original “Ripple 20” announcement by JSOF (see below).
REFERENCES AND SERVICES:
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources and apply the necessary updates to affected systems:
JSOF’s original “Ripple 20” write up:
https://www.jsof-tech.com/ripple20/
Intel® CSME, SPS, TXE, AMT, ISM and DAL Advisory:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
Workstations:
The vulnerabilities in the Intel product flow downhill to the HP Inc and Dell workstations via the Intel Chipsets. Affected products can be found at the following locations:
HP Inc:
https://support.hp.com/us-en/document/c06655639
Dell Inc:
Servers:
HPE:
https://techhub.hpe.com/eginfolib/securityalerts/Ripple20/Ripple20.html
HPE – ProLiant Gen10 iLO 5 vulnerabilities.
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04012en_us
No other hardware supported by Canon Medical has been determined affected.
RESOLUTION
Canon Medical strongly recommends installing the vendor patches and updates as soon as possible.
Patches for all impacted versions can be found at the links in the References section above.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
Microsoft Guidance for Disabling SMBv3 Compression “SMBGhost” – Microsoft Security Advisory UPDATE
Published: March 11, 2020
Updated: March 12, 2020
Microsoft has released a security advisory ADV200005 and has published an update that includes the affected software versions as well as an appropriate patch for each.
Patches and affected software mapping can be found here CVE-2020-0796. You may also install the patch by running Windows Update.
VULNERABILITY SUMMARY
Microsoft is aware of a remote code execution vulnerability in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target SMB Server or SMB Client.
To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 Server. To exploit the vulnerability against an SMB Client, an unauthenticated attacker would need to configure a malicious SMBv3 Server and convince a user to connect to it.
Microsoft will update its advisory listed above when further updates are available.
REFERENCES
MITRE is tracking this vulnerability as CVE-2020-0796.
RESOLUTION
Canon Medical strongly recommends installing this patch as well as all security patches provided by Microsoft.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
Scripting Engine Memory Corruption Vulnerability – Microsoft Zero-Day Security Advisory
Published: January 19, 2020
Microsoft has released a security advisory (ADV200001) that currently only includes workarounds and mitigations that can be applied in order to safeguard vulnerable systems from attacks. At the time of writing, there is no patch yet available for this issue. Microsoft said it is working on a fix, to be released at a later date.
While Microsoft said it was aware that the IE zero-day was being exploited in the wild, the company described these as “limited targeted attacks,” suggesting the zero-day was not broadly exploited, but rather that it was part of attacks aimed at a small number of users. These limited IE zero-day attacks are believed to be part of a larger hacking campaign, which also involves attacks against Firefox users.
VULNERABILITY SUMMARY
A remote code execution (RCE) vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.
REFERENCES
This IE RCE zero-day is also tracked as CVE-2020-0674.
RESOLUTION
While this vulnerability and its current Microsoft-provided workaround are not anticipated to directly affect Canon Medical Products, deployments of said products include the affected Internet Explorer file(s) listed in the advisory. Corporations should follow their company policies when considering the configuration mitigations provided in the Microsoft Advisory ADV200001 linked above.
Canon Medical will continue to monitor announcements and progress regarding future patching for this vulnerability and will distribute updated communication as needed.
Canon Medical recommends installing the Microsoft Monthly Roll-up Updates.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
Multiple Remote Desktop Server/Client Vulnerabilities – CISA Alert
Published: January 14, 2020
Microsoft has released security updates to address multiple critical remote code execution vulnerabilities, CVE-2020-0609, CVE-2020-0610 and CVE-2020-0611.
VULNERABILITY SUMMARIES
Windows Remote Desktop Server Vulnerabilities – CVE-2020-0609/CVE-2020-0610
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would need to send a specially crafted request to the target system’s RD Gateway via RDP.
The update addresses the vulnerability by correcting how RD Gateway handles connection requests.
CVE-2020-0609/CVE-2020-0610:
- Affects all supported Windows Server versions (Server 2012 and newer; support for Server 2008 ends January 14, 2020);
- Occurs pre-authentication; and
- Requires no user interaction to perform.
The Microsoft Security Advisories for CVE-2020-0609 and CVE-2020-0610 address these vulnerabilities.
Windows Remote Desktop Client Vulnerability – CVE-2020-0611
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would need to have control of a server and then convince a user to connect to it. An attacker would need to trick the user into connecting via social engineering, DNS poisoning or using a Man in the Middle (MITM) technique. An attacker could also compromise a legitimate server, host malicious code on it, and wait for the user to connect.
The update addresses the vulnerability by correcting how the Windows Remote Desktop Client handles connection requests.
CVE-2020-0611:
- Affects all supported Windows Server and Workstation versions (Support for Server 2008 and Windows 7 ends January 14, 2020)
The Microsoft Security Advisory for CVE-2020-0611 addresses this vulnerability.
RESOLUTION
Microsoft strongly recommends installing the Windows Updates as soon as possible.
Patches for all impacted versions can be found at the specific CVE links in the summary sections above.
Canon Medical recommends installing the Microsoft Monthly Roll-up Updates.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
CVE-2019-13720 | Use-after-free in audio – Security Bulletin
Published: October 31st, 2019
Google has released Chrome version 78.0.3904.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities (CVE-2019-13720) was detected in exploits in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.
VULNERABILITY SUMMARY:
Google is currently not publishing a summary of the vulnerability.
The following is an announcement from the link provided above:
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”
REFERENCES:
RESOLUTION:
Canon Medical recommends checking your Chrome browser Help->About Google Chrome and confirming that you’re on the latest Chrome update 78.0.3904.87.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
CVE-2019-1367 | Internet Explorer Scripting Engine Memory Corruption Vulnerability – Security Bulletin
Published: September 23, 2019
Microsoft has released an out-of-band security update to address a scripting engine memory corruption vulnerability, CVE-2019-1367, for the following version of Internet Explorer:
- Internet Explorer 11
VULNERABILITY SUMMARY:
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.
The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.
REFERENCES:
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources and apply the necessary updates:
Other useful references:
RESOLUTION:
Microsoft strongly recommends installing the Windows Update as soon as possible.
There is a vulnerability that is being actively exploited in the wild.
Canon Medical recommends installing the Microsoft patches as they are released.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
CVE-2019-1181 and CVE-2019-1182 | Remote Desktop Services Remote Code Execution Vulnerability – Security Bulletin
Published: August 14, 2019
Microsoft has released security updates to address two remote code execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182, in the following operating systems:
- Windows 7 SP1
- Windows Server 2008 R2 SP1
- Windows Server 2012
- Windows 8.1
- Windows Server 2012 R2
- Windows 10
VULNERABILITY SUMMARY:
An attacker could exploit these vulnerabilities to take control of an affected system. Similar to CVE-2019-0708 – dubbed BlueKeep and announced in June 2019 – these vulnerabilities are considered “wormable” because malware exploiting these vulnerabilities on a system could propagate to other vulnerable systems.
REFERENCES:
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources and apply the necessary updates:
- Microsoft Security Vulnerability Information for CVE-2019-1181
- Microsoft Security Vulnerability Information for CVE-2019-1182
Other useful references:
- Microsoft Security Blog Post: Protect Against BlueKeep
- Microsoft Customer Guidance for CVE-2019-0708
- Microsoft Security Blog Post: Patch New Wormable Vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)
RESOLUTION:
Microsoft strongly recommends installing the Windows Update as soon as possible.
Both patches for all impacted versions can be found at the specific CVE links in the References section above.
Canon Medical recommends installing the Microsoft Monthly Roll-up Updates.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
The DICOM Standards Organization DICOM File Preamble – Security Bulletin
Published: July 19, 2019
DICOM.org has reported the following Security Advisory:
VULNERABILITY SUMMARY
The DICOM Standards Organization has reported a data validation vulnerability in the preamble defined by the DICOM File format. According to this report, the vulnerability is exploitable by embedding executable code into the 128-byte preamble. A malicious actor could modify a DICOM file preamble so that it is treated as both an executable program and as a DICOM file. A user might be somehow convinced to execute the file.
Note:
The DICOM Network Communications protocol between modalities, PACS, and display systems does not transmit a preamble and is not subject to this vulnerability.
References:
DICOM FAQ Response to 128-byte preamble vulnerability
RESOLUTION
Review link provided above for details and vulnerability scenarios.
For Canon Medical customers, always exercise caution by reviewing or AV (Antivirus) scanning the contents of any portable media (CDs, USBs, etc.) to determine that all files are legitimate DICOM files. Canon Medical recommends that affected users reach out to their specific AV vendor to determine if their solution properly scans for the affected file type. In the situation where an AV solution cannot be installed, affected users should take steps to make sure that they have processes and procedures in place to scan portable/removable media for suspicious files before introducing the media into their medical networks.
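A media check of the kind described above can start with the preamble itself. The following is an added example, not code from Canon Medical or the DICOM Standards Organization: it flags DICOM Part 10 files whose 128-byte preamble begins with an executable or script header. The signature list, verdict names, function names and sample file names are assumptions chosen for illustration, and the sample files are constructed, inert marker bytes.

```python
"""Triage DICOM Part 10 files by inspecting the 128-byte preamble."""
import os
import struct
import tempfile

PREAMBLE_LEN = 128        # DICOM Part 10 files start with a 128-byte preamble ...
DICM_MAGIC = b"DICM"      # ... followed by this 4-byte prefix at offset 128

# Well-known leading magic numbers of executable and script formats
# (an illustrative selection, not an exhaustive list).
EXEC_SIGNATURES = [
    (b"MZ", "DOS/PE executable header"),
    (b"\x7fELF", "ELF executable header"),
    (b"\xfe\xed\xfa\xce", "Mach-O header"),
    (b"\xfe\xed\xfa\xcf", "Mach-O header"),
    (b"\xce\xfa\xed\xfe", "Mach-O header"),
    (b"\xcf\xfa\xed\xfe", "Mach-O header"),
    (b"\xca\xfe\xba\xbe", "Mach-O universal binary or Java class header"),
    (b"#!", "script interpreter line"),
]
# The preamble may legitimately carry a TIFF header (dual-format images).
TIFF_SIGNATURES = (b"II*\x00", b"MM\x00*")


def classify_file(path):
    """Return (verdict, detail); verdict is 'not-dicom', 'clean', 'review' or 'suspicious'."""
    with open(path, "rb") as fh:
        head = fh.read(PREAMBLE_LEN + len(DICM_MAGIC))
        if len(head) < PREAMBLE_LEN + 4 or head[PREAMBLE_LEN:] != DICM_MAGIC:
            return "not-dicom", "no DICM prefix at offset 128"
        preamble = head[:PREAMBLE_LEN]
        if not any(preamble):
            return "clean", "preamble is all zero bytes"
        for sig, name in EXEC_SIGNATURES:
            if preamble.startswith(sig):
                detail = name + " in preamble"
                if sig == b"MZ":
                    # e_lfanew (offset 0x3C, inside the preamble) locates the PE signature.
                    (pe_off,) = struct.unpack_from("<I", preamble, 0x3C)
                    fh.seek(pe_off)
                    if fh.read(4) == b"PE\x00\x00":
                        detail += "; PE signature confirmed at offset %d" % pe_off
                return "suspicious", detail
        if preamble.startswith(TIFF_SIGNATURES):
            return "review", "TIFF header in preamble (dual-format image)"
        return "review", "non-zero preamble with no known signature"


def scan_media(root):
    """Walk a mounted media directory; return sorted findings for every non-clean file."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                verdict, detail = classify_file(path)
            except OSError as exc:
                verdict, detail = "error", str(exc)
            if verdict != "clean":
                findings.append((os.path.relpath(path, root), verdict, detail))
    return sorted(findings)


def sample(preamble_start=b"", tail=b""):
    """Constructed test bytes: zero-padded preamble + DICM prefix + optional tail."""
    return preamble_start.ljust(PREAMBLE_LEN, b"\x00") + DICM_MAGIC + tail


def demo():
    """Write constructed sample files to a temporary directory and scan it."""
    # MZ marker with e_lfanew pointing at a bare PE signature placed after
    # the DICM prefix. Marker bytes only; this is not a runnable program.
    mz = bytearray(b"MZ".ljust(PREAMBLE_LEN, b"\x00"))
    struct.pack_into("<I", mz, 0x3C, PREAMBLE_LEN + 4)
    samples = {
        "IMG0001.dcm": sample(),
        "IMG0002.dcm": sample(bytes(mz), b"PE\x00\x00"),
        "IMG0003.dcm": sample(b"II*\x00"),
        "README.TXT": b"viewer instructions\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return scan_media(root)


if __name__ == "__main__":
    for path, verdict, detail in demo():
        print("%-12s %-10s %s" % (path, verdict, detail))
```

A "suspicious" or "review" verdict is a reason to hold the media for AV scanning and manual inspection; a "clean" preamble says nothing about the rest of the file.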
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability – Security Bulletin
Published: June 20, 2019
Microsoft® has provided the following Security Bulletin for the Remote Desktop Services Remote Code Execution Vulnerability (a.k.a. BlueKeep) Vulnerability CVE-2019-0708:
VULNERABILITY SUMMARY
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would need to send a specially crafted request to the target system’s Remote Desktop Service via RDP.
The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
References:
- CVE-2019-0708 – From the National Vulnerability Database
- CVE-2019-0708 – Microsoft Security Announcement
Only impacted versions are listed:
- Windows 7 for X64-based Systems Service Pack 1 for Vitrea 6.x and Vitrea 7.x
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 for Vitrea 6.x
RESOLUTION
Microsoft strongly recommends taking the Windows Update as soon as possible.
The required patches for all impacted versions can be found here.
Canon Medical recommends taking the Microsoft Monthly Updates.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
HPE Integrated Lights-Out 4 (iLO 4) for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers – Security Bulletin
Published: June 17, 2019
Hewlett Packard Enterprise has provided the following Security Bulletin:
VULNERABILITY SUMMARY
Vulnerabilities discovered in HPE Integrated Lights-Out 4 (iLO 4) for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers could be exploited remotely to allow Cross-Site Scripting (XSS), Unauthorized Data Injection, and Buffer Overflow.
References:
- CVE-2019-11982 – Cross-Site Scripting (XSS)
- CVE-2019-11983 – Buffer overflow in CLI
- CVE-2018-7117 – Cross-Site Scripting (XSS)
Only impacted versions are listed:
- HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers 1.39 and earlier
- HPE Integrated Lights-Out 4 (iLO 4) 2.61b and earlier
RESOLUTION
HPE has provided updated firmware for Integrated Lights-Out 4 (iLO 4) for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 to resolve these issues.
- For iLO 4 (GEN 9), acquire firmware version 2.70 (or later) here and install it
- For iLO 5 (GEN 10), acquire firmware version 1.40 (or later) here and install it
Hewlett Packard Enterprise strongly recommends the information in this Security Bulletin should be acted upon as soon as possible.
Canon Medical recommends subscribing to the Hewlett Packard Enterprise Security Bulletins for future security updates.
Disclaimer: When following any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions, please contact Canon Medical Customer Success.
Microarchitectural Data Sampling (a.k.a. MDS, ZombieLoad, RIDL & Fallout) – Security Advisory
Published: June 3, 2019
HPE has provided the following Security Announcement:
On May 14, 2019, Intel and other industry partners shared details and information about a new group of vulnerabilities collectively called Microarchitectural Data Sampling (MDS). These security vulnerabilities in CPUs may allow information disclosure. Intel is releasing microcode updates (MCU) to mitigate these potential vulnerabilities. These are coupled with corresponding updates to operating system and hypervisor software.
More details are available through CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, and the Intel Security Advisory.
Impact assessment for HPE Products is available here.
Additional details on HPE Support Center.
Disclaimer: If you follow any of the links provided you will be leaving Canon Medical’s website. Canon Medical is not responsible for the content, security or availability of linked sites.
If you have any questions please contact Canon Medical Customer Success.
Microsoft® Security Update (Out of Band) CVE-2018-8653 | Scripting Engine Memory Corruption Vulnerability – Critical
Published: December 19, 2018
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.
The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.
For more details and a full list of affected systems, click here: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653
If you have any questions please contact Customer Success.
Microsoft® Remote Desktop Services Security Update – Potential Compatibility Issue
Published: June 4, 2018
Microsoft has recently released a security update for a vulnerability in Remote Desktop Services (RDS). It has been reported that if two machines do not have the same RDS patch install level, an incompatibility issue between them can prevent login.
This RDS update has been released through the standard Windows Update distribution channels and will be installed to those machines taking the standard monthly Windows Updates.
The RDS security update details are here:
CVE-2018-0886 | CredSSP Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-0886
Canon Medical strongly recommends installing these latest security patches comprehensively to all product systems to avoid this issue.
If you have any questions, please contact Customer Success.
Microsoft® Security Update | Critical
CVE-2018-8174 | Windows VBScript Engine Remote Code Execution Vulnerability
CVE-2018-8120 | Win32k Elevation of Privilege Vulnerability
Published: May 8, 2018
Microsoft has announced and released its standard monthly security roll-up for May 2018. It contains critical updates for two vulnerabilities that were considered zero-day status until this release. These two specific vulnerabilities are unique in that they are currently being exploited in the wild. In addition, it is noteworthy that there are twenty-one (21) other critical vulnerabilities remedied in this update. As a result, Canon Medical strongly recommends installing these latest security patches on all product systems as soon as possible.
At this time no Canon Medical customers have reported exploitations involving these two vulnerabilities.
For more details and a full list of affected systems, click here:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8174
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8120
If you have any questions please contact Customer Success.
Microsoft® Security Update (Out of Band) CVE-2018-1038 | Windows Kernel Elevation of Privilege Vulnerability
Published: March 29, 2018
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.
The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.
For more details and a full list of affected systems, click here: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038
If you have any questions please contact Customer Success.
Adobe Security Advisory APSA18-01
Published February 1, 2018
A critical vulnerability (CVE-2018-4878) exists in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.
Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash content distributed via email.
A full summary containing current mitigations, affected products and plans for patching can be accessed here: https://helpx.adobe.com/security/products/flash-player/apsa18-01.html
Adobe will address this vulnerability in a release planned for the week of February 5.
For the latest information, users may monitor the Adobe Product Security Incident Response Team blog.
Please refer to this Software Security Updates page for the latest information from Canon Medical and contact Customer Success if you have any questions.
Customer Success Alert
Meltdown and Spectre Side-Channel Vulnerabilities
The United States Computer Emergency Readiness Team (US-CERT), a division of the Department of Homeland Security, has released the following alert regarding the security vulnerabilities “Meltdown and Spectre.” The formal source for this alert is hosted here: US-CERT: Meltdown and Spectre Side-Channel Vulnerabilities.
Original release date: January 03, 2018
“US-CERT is aware of a set of security vulnerabilities – known as Meltdown and Spectre – that affect modern computer processors. Exploitation of these vulnerabilities could allow an attacker to obtain access to sensitive information.
Users and administrators are encouraged to review Vulnerability Note VU#584653, Microsoft’s Advisory, and Mozilla’s blog post for additional information and refer to their OS vendor for appropriate patches.
US-CERT is not aware of any active exploitation at this time and will provide additional information as it becomes available.”
This is a broad-based set of vulnerabilities that requires security patching from many contributors (e.g., hardware vendors, Microsoft, VMWare, etc.) for complete remediation. The Intel chipsets that Canon Medical’s software runs upon are directly affected by this finding.
US-CERT advises that the changes to accommodate/remediate this issue could impact one or more of our applications. As patches become available, we will test our applications in their context and provide our customers with any specific cautions or additional instruction.
Please refer to this Software Security Updates page for the latest information from Canon Medical and contact Customer Success if you have any questions.
Microsoft® Security Advisory 4010323
Deprecation of SHA-1 for SSL/TLS Certificates in Microsoft Edge and Internet Explorer 11
Published: May 9, 2017
Beginning May 9, 2017, Microsoft released updates to Microsoft Edge and Internet Explorer 11 to block sites that are protected with a SHA-1 certificate from loading and to display an invalid certificate warning. This change will only impact SHA-1 certificates that chain to a root in the Microsoft Trusted Root Program where the end-entity certificate or the issuing intermediate uses SHA-1. Enterprise or self-signed SHA-1 certificates will not be impacted, although we recommend that all customers quickly migrate to SHA-2 based certificates. For more information, please see Windows Enforcement of SHA1 Certificates.
For more details and a full list of affected systems, click here: https://technet.microsoft.com/en-us/library/security/4010323
If you have any questions please contact Customer Success.
Microsoft® Security Bulletin (MS17-010) – Critical
Canon Medical strongly recommends installing the latest security updates from Microsoft as soon as they are made available.
Canon Medical recommends applying MS17-010 to all your Vitrea platforms to protect against the WannaCry malware.
- VitreaAdvanced / Vitrea® Advanced Visualization
- enterprise deployment
- Vitrea Workstation or workstation deployment
- Vitrea Extend or extend deployment
- Vitrea View
- Vitality XT
If you cannot download the Windows update, the workaround to protect the system(s) can also be found in the link below.
For more information see the Microsoft Security Bulletin MS17-010 – Critical. If you have any questions please contact Customer Success.
Vitrea Advanced Running VMware Tools
Version in NGC/C# Client | Version in Tools Info Screen | Result |
---|---|---|
9541 | 9.10.5 – 2981885 | NOT RECOMMENDED |
10240 | 10.0.0 – 3000743 | NOT RECOMMENDED |
Canon Medical recommends deploying a version of VMware Tools on Vitrea Advanced servers that does not result in this behavior. The table below shows the currently recommended versions.
Version in NGC/C# Client | Version in Tools Info Screen | Result |
---|---|---|
9536 | 9.10.0 – 2476743 | OK |
9537 | 9.10.1 – 2791197 | OK |
10245 | 10.0.5 – 3227872 | OK |
Adobe® Reader® for Windows®
Adobe has released a critical security bulletin and related security updates for Adobe Reader for Windows. Canon Medical recommends users update their product installations to the latest versions.
- Users of Adobe Reader XI (11.0.20) and earlier versions should update to version 11.0.21.
- Users of Adobe Reader DC Classic (2015.006.30306) and earlier versions should update to version 2015.006.30352.
For more information, see the Adobe Security Bulletin released on January 10, 2017 and recently updated via CVE-2017-3124.
To upgrade Adobe Reader, downloads can be found here.
All third party marks are property of their respective owners and have protection in the United States and/or other countries.
Adobe® Flash® for Windows®
Adobe has released security updates for Adobe Flash for Windows. Canon Medical recommends users who have installed Adobe Flash to view Help and Training videos update their product installations to the latest versions. Canon Medical does not distribute Adobe Flash but it can be used with the Canon Medical products.
- Users of the Adobe Flash Player for Windows should update to Adobe Flash Player 18.0.0.209.
For more information, see the Adobe Security Bulletin released on July 14, 2015. This vulnerability is also known as ActionScript 3 opaqueBackground and BitmapData classes of Flash Player Exploitation CVE-2015-5122, CVE-2015-5123.
If you wish to upgrade Adobe Flash the latest update downloads can be found here.
Microsoft® Windows® Update MS15-061 – KB3057839
Canon Medical uncovered an issue with the Microsoft Windows Update MS15-061 – KB3057839 that was released on June 9, 2015. If this Microsoft Update is applied to the Microsoft operating system, Vitrea® reports will be blacked out when exported to a DICOM endpoint.
Canon Medical is working directly with Microsoft to resolve the problem.
This patch affects all versions of Vitrea deployments on Windows Server® 2003 R2, Windows Server 2008 R2, Windows Server 2012 R2, and Windows 7 SP1.
Removing this Microsoft update or preventing this update’s installation will allow Vitrea reports to export as expected.
Canon Medical Support
Please contact Canon Medical Customer Support with any questions or variations experienced with this issue.
Microsoft Technical Information
Microsoft® 0 Day Patch
On April 26, 2014 Microsoft announced a high impact vulnerability that affects Internet Explorer versions 6 through 11. This vulnerability could allow remote code execution on any system that is using these versions of Internet Explorer. On May 1, Microsoft released a patch that fixes this exposure.
Canon Medical has tested the patch to this vulnerability and confirmed that installing the patch does not negatively impact any Vitrea® products.
Canon Medical strongly recommends that all organizations apply this patch as soon as possible to all systems running any Vitrea software.
References:
Microsoft Security Advisory 2963983 – https://technet.microsoft.com/library/security/2963983
National Vulnerability Database – http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1776
Heartbleed Virus
Canon Medical has tested our Vitrea® software and confirmed that we are not affected by the Heartbleed virus.
If you have any questions on either of these issues, please contact Canon Medical Customer Support at support@mi.medical.canon or 800.208.3005.
Microsoft®, Windows® and Microsoft Windows Server® are registered trademarks of Microsoft Corporation.
Adobe®, Flash® and Reader® are registered trademarks of Adobe Systems Incorporated.
Canon Medical is a trademark of Canon Medical Informatics, Inc. Marks not owned by Canon Medical are the property of their respective holders.