Security Vulnerabilities in Apollo Pharmacy and Mitsubishi Electric Devices
Recent security advisories concern the Apollo Pharmacy Blood Glucose Monitoring System and Mitsubishi Electric's MELSEC iQ-F Series. Critical vulnerabilities could lead to data loss and service interruptions.
Security Vulnerabilities in Apollo Pharmacy and Mitsubishi Electric Devices
Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT
The Apollo Pharmacy Blood Glucose Monitoring System (Model No. APG-01 BT) version 0x0110_v1.1.0 is affected by several security vulnerabilities that could allow attackers to intercept sensitive health information or prevent legitimate users from accessing the device.
Affected CVEs
- CVE-2026-50034: Attackers within the range of Bluetooth Low Energy (BLE) communication can intercept wireless data and obtain sensitive health data, including glucose measurement values.
- CVE-2026-52866: Attackers can monopolize the device's only available BLE connection slot, preventing legitimate users from connecting to the device.
Mitigation Recommendations
CISA recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities, including the use of firewalls and VPNs. More information is available on the CISA website.
Mitsubishi Electric MELSEC iQ-F Series
The MELSEC iQ-F Series by Mitsubishi Electric, particularly the FX5-ENET/IP Ethernet module, is also affected by a critical security vulnerability (CVE-2026-8806). This vulnerability could allow a remote attacker to cause a denial-of-service (DoS) condition by continuously sending a large number of communication packets to the product's Ethernet port.
Affected Products
- MELSEC iQ-F Series FX5-EIP EtherNet/IP Module (Version: all)
Mitigation Recommendations
Mitsubishi Electric recommends using firewalls and VPNs to prevent unauthorized access, as well as restricting access to the product to trusted networks. Further details can be found in the Mitsubishi Electric security advisory.
Conclusion
The security of critical infrastructures, especially in healthcare and manufacturing, is of utmost importance. Organizations should take proactive measures to protect their systems and minimize the risks posed by these vulnerabilities.