Machines are not a 'gateway for hackers'

"It is true that a security vulnerability was discovered in the course of a penetration test on a Miele machine. This security hole was not however discovered on a dishwasher but on a machine to disinfect medical products and laboratory equipment with the model designation PG 8528. Equally so, this machine cannot be misused as a 'gateway for hackers' as it does not have its own connection to the Internet", a press release of German white-goods manufacturer Miele reads. However, only people already inside the user's internal network have access to data on the PG 8528. This vulnerability pinpointed during the penetration test results in the increased risk of an unauthorised read-out of data. With this data, hackers could possibly be successful in cracking passwords in order to obtain further access to machine software. There are, though, no indications whatsoever that this has indeed been the case on any of the machines affected. Furthermore, the abuse of machine data would neither facilitate access to third-party data nor to other machines or processes in the user's network. Consequently, the security hole revealed in the course of a penetration test was only designated as being 'moderately serious'. The software used on the PG 8528 is also deployed on models PG 8527, PG 8535 and PG 8536. Since their introduction in 2007, approximately 5'800 of these machines have been sold. Miele intends to contact each user individually to inform them of further details.