Publication Date: 03/30/2020
Last Updated: 08/10/2020
Abbott is proactively monitoring developments related to the recently identified vulnerabilities in third-party Bluetooth Low Energy (BLE) components, commonly referred to as “SweynTooth”. According to published reports, including the CISA Alert1, the vulnerabilities expose flaws in specific BLE components from multiple chip manufacturers that could allow an unauthorized user to interrupt BLE communication or bypass security.
Most Abbott products are unaffected by this advisory. For those products that do use the impacted BLE implementations, Abbott has thoroughly performed testing to determine whether there could be any potential impact on product performance and safety as a result of these vulnerabilities.
Abbott’s product security and quality teams are working closely with our chip suppliers to determine if any other devices that use BLE components similar to those named in the advisory could be affected. There are currently no known exploits of Abbott products related to SweynTooth.
Affected Products
Abbott is providing the list below to assist customers in identifying Abbott products that use BLE components potentially vulnerable to SweynTooth. The list below is subject to change based on updated information2 related to impacted BLE components, BLE manufacturer actions and additional product evaluation.
Product | Impact | Remediation |
Confirm RxTM | Abbott has confirmed that Confirm RxTM is using one of the SweynTooth vulnerable components. | There are no safety issues associated with the Confirm Rx device and no intervention is required. |
Additional Information
Customers interested in additional information regarding patches, procedures or configuration changes on any Abbott products should contact their Abbott assigned account or customer support representative.
Abbott is committed to ensuring the safety and security our products. For more information on Abbott’s product cybersecurity program here.
References
1. Cybersecurity and Infrastructure Security Agency (CISA), ICS Alert (ICS-ALERT-20-063-01) SweynTooth Vulnerabilities. Accessed March 12, 2020, https://www.us-cert.gov/ics/alerts/ics-alert-20-063-01
2. Asset Research Group: SweynTooth, July 14, 2020 Update - https://asset-group.github.io/disclosures/sweyntooth/
Please be aware that the website you have requested is intended for the residents of a particular country or region, as noted on that site. As a result, the site may contain information on pharmaceuticals, medical devices and other products or uses of those products that are not approved in other countries or regions.
The website you have requested also may not be optimized for your specific screen size.
FOLLOW ABBOTT