BD Discloses Password Vulnerability in Infusion Software

BD announced that certain versions of its Alaris Infusion Central standalone software for infusion pumps may pose a cybersecurity risk because of a password vulnerability.

The software allows healthcare providers to monitor infusion data sent from BD Alaris Plus and BD Alari neXus pumps to a computer. Software versions 1.1 to 1.3.2 are affected.

The company reported the vulnerability to the FDA and the Department of Homeland Security but noted that the affected software is not sold in the U.S.