Medtronic Paceart Optima System

Risk Summary

Successful exploitation of this vulnerability could result in remote code execution or a denial-of-service condition impacting a healthcare delivery organization's Paceart Optima system.

CVEs (1)

Remediations

• Medtronic recommends updating the Paceart Optima system to v1.12. Contact Medtronic to schedule the update. (mailto:[email protected])
• Medtronic has provided some immediate mitigations that users can apply to mitigate the risk. If running a combined Application and Integration Server, contact Medtronic Paceart Optima System technical support for immediate mitigation actions. For all other configurations, Medtronic recommends the following steps:
• Manually disable the Paceart Messaging Service on the Application Server. 1. Open the "Windows Services" application. 2. Find the 'Paceart Messaging Service.' 3. Right-click the "Paceart Messaging Service" and select "Properties." 4. Select "Stop" to stop running the service and change the startup type to "Disabled." 5. Select "Apply."
• Manually disable message queuing on the Application Server. 1. Open server manager. 2. Select "Add roles and features." 3. Select "Start the Remove Roles and Features Wizard." 4. Before you begin-next. 5. Server selection-next. 6. Server roles-next. 7. Features section-take action. Select the black box next to Message Queuing. 8. When the window pops up select the "Remove Features" button. 9. Select "next." 10. Confirmation-select "Remove."
• As long as the Paceart Messaging Service remains disabled, the vulnerability will remain mitigated.
• Please refer to Medtronic's security bulletin for more information.

Affected Vendors

Affected Products (1)

Affected Sectors

Healthcare and Public Health