ICSMA-20-049-01 · Published 2020-02-18
Spacelabs Xhibit Telemetry Receiver (XTR)
CVSS 9.8 · CRITICAL · CISA KEV — Known Exploited
Risk Summary
A remote code execution vulnerability called BlueKeep (CVE-2019-0708) exists within the Remote Desktop Protocol (RDP) used by the Microsoft Windows operating systems listed below. An attacker can exploit this vulnerability to perform remote code execution on an unprotected system.
CVEs (1)
Remediations
- Spacelabs has determined the recommended remediation is to update to the newest release v1.2.1 or later. All deployed XTR hardware appliances are capable of update and should be updated. Many Spacelabs products are appliances and users are not intended to perform updates on them. Products or systems that are obsolete or are not able to be patched may use this alternate mitigation step to help protect against BlueKeep:
- Spacelabs also encourages users and administrators to review the Microsoft Security Advisory and the Microsoft Customer Guidance for CVE-2019-0708 and apply the appropriate mitigation measures as soon as possible.
- If you own an XTR device or have any questions about this security advisory, please contact Spacelabs at 1-800-522-7025 and select 2 for technical support. XTR is an appliance that has no user interface, so your service representative can help you to determine the installed version of software on your XTR product and will work to coordinate updates as needed.
- For additional information about this vulnerability, please see the Spacelabs Security Advisory.
Affected Vendors
Spacelabs
Affected Products (10)
- Spacelabs · Windows Server 2003 · vers:all/*
- Spacelabs · Windows XP · vers:all/*
- Spacelabs · Windows Server 2008 · vers:all/*
- Spacelabs · Xhibit Telemetry Receiver (XTR) Model number 96280 · 1.0.2
- Spacelabs · Windows 2000 · vers:all/*
- Spacelabs · Windows 7 · vers:all/*
- Spacelabs · Windows Vista · vers:all/*
- Spacelabs · Windows Server 2003 R2 · vers:all/*
- Spacelabs · Windows Server 2008 R2 · vers:all/*
- Spacelabs · Arkon (99999) · vers:all/*
Affected Sectors
Healthcare and Public Health