Skip links

Critical bug allows attacker to remotely control medical robot

Mobile robot maker Aethon has fixed a series of vulnerabilities in its Tug hospital robots that, if exploited, could allow a cybercriminal to remotely control thousands of medical machines.

Exploiting these five bugs, collectively called JekyllBot:5, required no special privileges or user interaction. And once used, they could allow miscreants to perform all sorts of evil deeds including accessing user credentials and medical records, locking down elevators and doors, surveilling facilities, disrupting patient care and meds, and launching further cyberattacks.

IoT healthcare security firm Cynerio discovered the vulnerabilities, whose CVSS scores range from 7.7 to 9.8, while deploying the Tug robots for a customer hospital.

Thankfully, none of these vulnerabilities were exploited in the wild. The threat research team notified the affected hospital, which had not yet connected its Tug robots to the internet. 

Cynerio did, however, find “several” hospitals in the US and globally that were using the internet-connected robots, and in each of these cases the researchers could exploit the vulns to remotely control the robots from the Cynerio Live research lab. 

“If attackers were able to exploit JekyllBot:5, they could have completely taken over system control, gained access to real-time camera feeds and device data, and wreaked havoc and destruction at hospitals using the robots,” said Asher Brass, lead researcher on the JekyllBot:5 vulnerabilities and head of cyber network analysis at Cynerio.

The researchers also notified these other hospitals — they won’t say exactly how many were using the internet-connected robots — as well as the manufacturer Aethon through CISA’s Coordinated Vulnerability Disclosure (CVD) process. All five bugs have been fixed for all Tug base server versions before version 24.

“Cynerio has worked closely with Aethon, the manufacturer of these robots, to ensure that the latest version of the robot firmware contained patches and fixes for each vulnerability the Cynerio Live research team found before any public reporting,” the researchers wrote. 

Tug robots

Tug robots have been on the market since 2004 and thousands of them now operate in hundreds of hospitals across North America, Europe, and Asia, according to Cynerio.

This include more than 37 VA hospitals across the US, University of California-San Francisco Medical Center, and Stanford Hospital.

They can be programmed to perform many health care-related jobs including transporting medications and lab specimens, cleaning floors, delivering meals and bed linens and other tasks that involve moving materials and clinical supplies. In other words: they are very useful health-care assistants — unless cybercriminals take over and the robots go rogue.

The robots use communication protocols including radio waves that allow them to open doors, and network-interface panels so they can ride elevators without human help. They also use cameras, lasers, and sensors to help them detect obstacles and avoid running into people.

Robots gone wild

While working on the Tug deployment, Cynerio researchers detected anomalous network traffic that they thought was related to the robots’ elevator and door sensors. They found a connection from the elevator to a server with an open HTTP port, which gave the security shop access to a company web portal that displayed the Tug robots’ status, hospital maps, and photos and videos of what the robots were seeing in real time. 

This portal also allowed an unauthorized user to control the robots, according to the security team. Additionally, they found some HTML vulnerabilities on the Tub web portal page that allowed an attacker to insert malicious javascript code on any computer that requested data about the robots.

Specifically, the vulnerabilities were in TUG Homebase Server’s JavaScript and API implementation, and a websocket that relied on absolute trust between the server and the robots to relay commands to them. 

As the Cynerio researchers noted, all five vulnerabilities could be exploited over the network and the internet, and “required a very low skill set for exploitation.” The bugs also highlighted a “major security issue” in the robots’ OS, according to the security shop:

Here’s a rundown on all five.

JekyllBot:5 vulnerabilities

The most critical of the bunch, CVE-2022-1070 received a 9.8 CVSS score. This vulnerability occurs because the product doesn’t verify the identity of the users at both ends of the communication channel, or ensure the channel’s integrity. This could allow unauthenticated attackers to connect to the Tug home base server websock and remotely control the robots. 

“The /api/tug/v3/ and /api/tug/v2/ methods were freely accessible over HTTP on ports 8081 and 80, and could be used by an unauthenticated attacker to obtain real-time photos from TUG robots, obtain current robot coordinates, and other potentially sensitive information,” the researchers warned. 

Once they have complete control over the Tug robots, the attackers’ illicit activities could range from annoying — such as harassing and running into people and objects — to potentially deadly if they exploited the vuln to prevent patients from receiving critical medications. 

Two other authorization vulnerabilities, CVE-2022-1066 and CVE-2022-26423, received an 8.2 severity score. Because the software doesn’t perform an authorization check, an unauthenticated attacker could add new users with administrative privileges, delete or modify existing users, and access hashed user credentials. 

Additionally, the user interface has a joystick module that allows users to control the robots. In this attack scenario, Cynerio researchers note that they could move the robots and send them commands, including denial-of-service attacks on elevators and doors, thus potentially locking people out of rooms and shutting down elevators. They could also see the robot’s camera in real time.

The final two bugs, CVE-2022-27494 and CVE-2022-1059, are both cross-site scripting (XSS) vulnerabilities in the fleet management console. Both scored 7.6. They occur because the software doesn’t neutralize user-controllable input before placing it in output, via the console, and could allow an attacker to hijack a user session with higher privileges, or inject malicious code into the browser of the user accessing the console. ®