medical-device-security
Safeguard articles tagged "medical-device-security" — guides, analysis, and best practices for software supply chain and application security.
4 articles
Eppendorf BioFlo 320 Bioreactor: A Hard-Coded VNC Password Earns CVSS 9.8 (CISA ICSMA-26-146-01, May 2026)
CISA's May 26, 2026 medical advisory flags CVE-2026-7251, a hard-coded VNC password in all versions of the Eppendorf BioFlo 320 bioreactor. A remote attacker who reaches the device gets full control of cell-culture and bioprocess parameters. We break down the flaw and the fix.
FDA SBOM requirements for medical device software
Since Oct 2023 the FDA can reject medical device submissions missing a compliant SBOM. Here's what Section 524B actually requires, in plain terms.
Software supply chain security for medical devices
How FDA premarket cybersecurity rules, medical device SBOMs, and firmware vulnerabilities like Ripple20 and SweynTooth are reshaping supply chain security for connected medical devices.
Medical device firmware SBOM and coordinated vulnerabilit...
How medical device firmware SBOMs, FDA Section 524B, ISO 81001-5-1, and coordinated vulnerability disclosure work together to secure connected IoMT devices.