{"id":42100,"date":"2021-08-02T11:36:06","date_gmt":"2021-08-02T11:36:06","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/"},"modified":"2021-08-02T11:36:06","modified_gmt":"2021-08-02T11:36:06","slug":"pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/","title":{"rendered":"PwnedPiper vulns have potential to turn Swisslog&#8217;s PTS hospital products into Swiss cheese, says Armis"},"content":{"rendered":"<p>Security specialist Armis has discovered vulnerabilities, collectively dubbed PwnedPiper, in pneumatic tube control systems used in thousands of hospitals worldwide \u2013 including 80 per cent of the major hospitals found in the US.<\/p>\n<p>The researcher spotted the PwnedPiper vulnerabilities in Swisslog&#8217;s Nexus stations for its Translogic Pneumatic Tube System (PTS) product \u2013 a connected control system for the delivery tubes which send medicines, samples, blood products, and paperwork whizzing around a hospital. The vulnerabilities have not been exploited in the wild, Armis added.<\/p>\n<p>The systems include hardcoded passwords for both user and administrative accounts which can be accessed over an unencrypted Telnet connection \u2013 enabled by default, with no way for an end user to disable it, Armis said. However, in the context of the Nexus Control Panel, the Telnet service is actually not used in production, it added.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>If, somehow, the attacker wasn&#8217;t aware of the hardcoded root-user password, another vulnerability \u2013 caused by running a user-accessible script as root \u2013 would allow them to elevate their privileges from a standard user to full control of the system, said Armis.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Four additional memory corruption vulnerabilities \u2013 one underflow, two overflows, and an off-by-three overflow \u2013 in the TLP20 protocol implementation used by the Nexus systems render the above relatively pointless by permitting both denial-of-service and remote code execution attacks. Yet another vulnerability in the graphical user interface allows for control connections to be hijacked.<\/p>\n<p>&#8220;The PTS system supports variable speed transactions which, on the one hand allow for express shipment of urgent items,&#8221; the researchers said, &#8220;while on the other, enable the slow transfer of sensitive items, such as blood products, that may be harmed if jolted too quickly within the tubes. If an attacker were to compromise the PTS system, he may alter the system&#8217;s speed restrictions, which can in turn damage such sensitive items.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;Compromising the PTS network can allow an attacker to control the paths of the carriers&#8217; transactions, by acting as a man-in-the-middle, and altering the requested destinations of the carriers when a transaction request is sent to the PTS network central server. Combining one or more of the described primitives above can allow for a devastating ransomware attack to be unleashed. The attacker can either re-route carriers, derailing the operations of the hospital, or halt the system altogether,&#8221; the infosec researcher claimed.<\/p>\n<p>Another issue is that access to the PTS control systems can offer attackers a way into other parts of the hospital. &#8220;By compromising a Nexus station, an attacker can leverage it for reconnaissance purposes,&#8221; the researchers warned, &#8220;including harvesting data from the station such as RFID credentials of any employee that uses the PTS system, details about each station&#8217;s functions or location, as well as gain[ing] an understanding of the physical layout of the PTS network.&#8221;<\/p>\n<p>Ransomware groups are known for targeting medical facilities: hospitals in <a href=\"https:\/\/www.theregister.com\/2021\/05\/19\/new_zealand_hospitals_taken_down\/\">New Zealand<\/a>, <a href=\"https:\/\/www.theregister.com\/2021\/05\/14\/ireland_hse_ransomware_hospital_conti_wizardspider\/\">Ireland<\/a>, <a href=\"https:\/\/www.theregister.com\/2020\/09\/28\/united_health_services_ransomware\/\">the UK and US<\/a>, and <a href=\"https:\/\/www.theregister.com\/2020\/09\/18\/ransomware_germany_hospital\/\">Germany<\/a> have all reported ransomware attacks over the last twelve months \u2013 with blame for a patient&#8217;s death pinned on the latter infection.<\/p>\n<p>Armis disclosed a final vulnerability in the firmware update process itself \u2013 which it said requires no authentication, does not require any form of signature or hash validation, and uses files which are in no way encrypted.<\/p>\n<p>&#8220;This is the most severe vulnerability since it can allow an attacker to gain unauthenticated remote-code-execution by initiating a firmware update procedure while also maintaining persistence on the device,&#8221; the researchers warned, &#8220;allowing him to hold the stations hostage until a ransom is paid.&#8221;<\/p>\n<p>Ben Seri, vice president of research and leader of the team which discovered the vulnerabilities, told us: &#8220;Armis disclosed the vulnerabilities to Swisslog on May 1, 2021 and has been working with the manufacturer to ensure proper security measures and patches will be provided to customers. With so many hospitals reliant on this technology we&#8217;ve worked diligently to address these vulnerabilities to increase cyber resiliency in these healthcare environments, where lives are on the line.&#8221;<\/p>\n<p>Seri said Swisslog has worked on remediation efforts and a patch, v7.2.5.7, was readied for today.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;This patch addresses 8 of the 9 vulnerabilities that Armis have identified. Although, there is [an] still issue for legacy systems, which the patch won&#8217;t be available for, and therefore those hospitals are encouraged to upgrade their systems as soon as possible,&#8221; he told us.<\/p>\n<p><i>The Register<\/i> asked Swisslog to comment on the vulnerabilities and on the certification process its PTS products went through before being sold into hospitals. The company sent us a statement:<\/p>\n<p>&#8220;In May, cyber security platform provider Armis approached us to share that it found some potential vulnerabilities to our TransLogic firmware that drives a specific panel in some pneumatic tube systems if a bad actor was first able to successfully break into a hospital\u2019s secure network, know and understand the pathway from there to the panel, and then leverage the vulnerabilities.<\/p>\n<p>&#8220;We immediately started collaborating on both short-term mitigation and long-term fixes. A software update for all but one of the vulnerabilities has been developed, and specific mitigation strategies for the remaining vulnerability are available for customers. Swisslog Healthcare has already begun rolling out these solutions and will continue to work with its customers and affected facilities. Our commitment to security as an organizational priority has prepared us to address these types of issues with efficiency and transparency.&#8221;<\/p>\n<p>Seri is to present Armis&#8217;s research at the Black Hat conference this week, with researcher Barak Hadad. More details on the vulnerabilities can be found on the <a href=\"https:\/\/www.armis.com\/pwnedpiper\">Armis website<\/a> and Swisslogs&#8217; advisory is <a target=\"_blank\" href=\"https:\/\/www.swisslog-healthcare.com\/en-us\/company\/news\/2021\/07\/translogic-firmware-vulnerabilities\" rel=\"noopener\">here<\/a>. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2021\/08\/02\/pwnedpiper_swisslog_pts\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hardcoded passwords, unencrypted connections and unauthenticated firmware updates&#8230; patches released Security specialist Armis has discovered vulnerabilities, collectively dubbed PwnedPiper, in pneumatic tube control systems used in thousands of hospitals worldwide \u2013 including 80 per cent of the major hospitals found in the US.\u2026  READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-42100","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>PwnedPiper vulns have potential to turn Swisslog&#039;s PTS hospital products into Swiss cheese, says Armis 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PwnedPiper vulns have potential to turn Swisslog&#039;s PTS hospital products into Swiss cheese, says Armis 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-02T11:36:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"PwnedPiper vulns have potential to turn Swisslog&#8217;s PTS hospital products into Swiss cheese, says Armis\",\"datePublished\":\"2021-08-02T11:36:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/\"},\"wordCount\":939,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/\",\"name\":\"PwnedPiper vulns have potential to turn Swisslog's PTS hospital products into Swiss cheese, says Armis 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2021-08-02T11:36:06+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#primaryimage\",\"url\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"PwnedPiper vulns have potential to turn Swisslog&#8217;s PTS hospital products into Swiss cheese, says Armis\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"PwnedPiper vulns have potential to turn Swisslog's PTS hospital products into Swiss cheese, says Armis 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/","og_locale":"en_US","og_type":"article","og_title":"PwnedPiper vulns have potential to turn Swisslog's PTS hospital products into Swiss cheese, says Armis 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-08-02T11:36:06+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"PwnedPiper vulns have potential to turn Swisslog&#8217;s PTS hospital products into Swiss cheese, says Armis","datePublished":"2021-08-02T11:36:06+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/"},"wordCount":939,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/","url":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/","name":"PwnedPiper vulns have potential to turn Swisslog's PTS hospital products into Swiss cheese, says Armis 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2021-08-02T11:36:06+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YQfxOLljKQvI667TQEq@3gAAABc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/pwnedpiper-vulns-have-potential-to-turn-swisslogs-pts-hospital-products-into-swiss-cheese-says-armis\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"PwnedPiper vulns have potential to turn Swisslog&#8217;s PTS hospital products into Swiss cheese, says Armis"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/42100","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=42100"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/42100\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=42100"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=42100"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=42100"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}