Summary:
Medical devices are using default credentials across all their deployments for ease of installation, configuration and support. This is not a singularity, but is more of a chronic global epidemic that exists through out this industry. When combined with the nature of the solution/system and what it actively does for a patient care, this isn't just a 'default password' issue, but is a critical issue because it would allow a malicious actor to disable, shutdown, or corrupt the device and cause an impact to patient care.
Response:
Lessons Learned: