Medtronic (previously) is a notoriously insecure medical implant manufacturer whose devices have been repeatedly shown to be grossly insecure — their pacemakers can be hacked before leaving the factory!
To make things worse, the company is notably hostile to independent security research and repair.
The latest twist in the saga: Medtronic has been the subject of an FDA security alert, which has prompted the company to finally disable its insecure software updating system (which let hackers push malicious updates to the hardware "wands" used to update pacemakers) for some models (after denying that this was a problem!).
These wands will now have to be updated by USB.
Two models, the Carelink 2090 and the Carelink Encore 2091, could have been tampered with by an attacker modifying their firmware and, in turn, change how the programmers configured the implants. Medtronic said that now not only does it believe those vulnerabilities would be locally exploitable, but could also be targeted by an attacker who was able to remotely access the device.
"Although the programmer uses a virtual private network (VPN) to establish an internet connection with the Medtronic [software distribution network] SDN, the vulnerability identified with this connection is that the programmers do not verify that they are still connected to the VPN prior to downloading updates," the FDA explained.
"To address this cybersecurity vulnerability and improve patient safety, on October 5, 2018, the FDA approved Medtronic's update to the Medtronic network that will intentionally block the currently existing programmer from accessing the Medtronic SDN."
It's the real Heart Bleed: Medtronic locks out vulnerable pacemaker programmer kit [Shaun Nichols/The Register]