ICSA-22-102-05 · Published 2022-04-12 · View on CISA ICS-CERT ↗

Aethon TUG Home Base Server

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could cause a denial-of-service condition, allow full control of robot functions, or expose sensitive information.

CVEs (5)

CVE-2022-1066 CVE-2022-26423 CVE-2022-1070 CVE-2022-27494 CVE-2022-1059

Remediations

Aethon has implemented a mitigation plan to address these vulnerabilities. Aethon has checked all locations where this product is in use to ensure firewalls are active and to update systems to the newest software (Version 24).
For more information about these issues and the associated mitigation practices, please contact Aethon.

Affected Vendors

Aethon, ST Engineering

Affected Products (1)

Aethon, ST Engineering · TUG Home Base Server a server used to control and communicate with autonomous mobile robots in hospitals < 24

Affected Sectors

Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more