Eppendorf BioFlo 320 Vulnerability Alert

Source: CISA
Date Published: May 26, 2026

A critical vulnerability has been identified in the Eppendorf BioFlo 320 bioreactor. Successful exploitation of this vulnerability could allow an attacker to gain full access to functionality and data. The affected versions include all versions of the BioFlo 320 Bioreactor. This vulnerability is tracked as CVE-2026-7251 and impacts critical infrastructure sectors, specifically Healthcare and Public Health, for systems deployed worldwide.

Key Details:

  • The vulnerability arises from the VNC server using a hard-coded password.
  • VNC traffic is not encrypted, making it susceptible to attacks.

If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface using this password. Once connected, the attacker would have access to all control panel features for the BioFlo 320. This vulnerability is classified under CWE-259, Use of Hard-coded Password.

CISA has reported this vulnerability, and Eppendorf has released a software update that permanently removes VNC access from the controller. Users are advised to download and apply this update from: Eppendorf Software Downloads.

Recommendations:

  • Verify that VNC is disabled on the controller.
  • Enable security so that only Admin and Supervisor roles can change VNC settings.
  • Install Version 5.0 Software as soon as possible.

CISA also recommends minimizing network exposure for all control system devices and ensuring they are not accessible from the internet. Control system networks and remote devices should be located behind firewalls and isolated from business networks. When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), while recognizing that VPNs may have vulnerabilities and should be updated to the most current version available.
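To make the "verify that VNC is disabled" recommendation and the network-exposure guidance above concrete, here is a small defender-side detection script. It is an added example written for this post, not code from CISA or Eppendorf. It parses constructed firewall log lines, flags any TCP connection to the RFB/VNC port range on hosts inventoried as BioFlo 320 controllers, and marks those whose source lies outside the OT subnet (the exposure the advisory says to eliminate). The controller addresses, the OT subnet, the log format and the assumption that the controller's VNC server uses the standard 5900-5909 port range are all hypothetical; the advisory itself does not state the port. A second helper recognizes the plaintext RFB ProtocolVersion greeting, which is how a VNC server announces itself and why the unencrypted traffic is easy to spot in a capture.

```python
"""
Detection helper (added example, not from the CISA/Eppendorf advisory).

Flags connections to VNC/RFB ports on bioreactor controllers and highlights
the ones that originate outside the OT subnet.

Assumptions (constructed for this example, not stated in the advisory):
  - the controller's VNC server listens in the standard RFB range 5900-5909
  - firewall logs use the key=value format shown in SAMPLE_LOGS
  - controller addresses and the OT subnet come from a local inventory
"""
import ipaddress
import re
from dataclasses import dataclass

VNC_PORTS = range(5900, 5910)

# Hypothetical inventory: BioFlo 320 controller IPs and the OT subnet
CONTROLLERS = {"10.20.30.15", "10.20.30.16"}
OT_SUBNET = ipaddress.ip_network("10.20.30.0/24")

# Constructed firewall log lines (not real traffic)
SAMPLE_LOGS = """\
ts=2026-05-27T08:01:12Z action=allow proto=tcp src=10.20.30.40 spt=51022 dst=10.20.30.15 dpt=5900
ts=2026-05-27T08:02:45Z action=allow proto=tcp src=203.0.113.77 spt=44110 dst=10.20.30.15 dpt=5900
ts=2026-05-27T08:03:10Z action=allow proto=tcp src=10.20.30.40 spt=51030 dst=10.20.30.15 dpt=443
ts=2026-05-27T08:04:02Z action=deny proto=tcp src=198.51.100.9 spt=40001 dst=10.20.30.16 dpt=5901
ts=2026-05-27T08:05:30Z action=allow proto=tcp src=10.20.31.8 spt=39200 dst=10.20.30.16 dpt=5900
"""

LOG_RE = re.compile(
    r"ts=(?P<ts>\S+) action=(?P<action>\w+) proto=(?P<proto>\w+) "
    r"src=(?P<src>\S+) spt=(?P<spt>\d+) dst=(?P<dst>\S+) dpt=(?P<dpt>\d+)"
)


@dataclass
class Finding:
    ts: str
    src: str
    dst: str
    dpt: int
    action: str
    external: bool  # True when the source is outside the OT subnet


def parse_line(line):
    """Parse one key=value log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["spt"] = int(rec["spt"])
    rec["dpt"] = int(rec["dpt"])
    return rec


def find_vnc_access(log_text, controllers=CONTROLLERS, ot_subnet=OT_SUBNET):
    """Return every TCP connection to a VNC port on a controller, in log order.
    Denied attempts are kept too: they show that something is probing the port."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["proto"] != "tcp":
            continue
        if rec["dst"] not in controllers or rec["dpt"] not in VNC_PORTS:
            continue
        external = ipaddress.ip_address(rec["src"]) not in ot_subnet
        findings.append(Finding(rec["ts"], rec["src"], rec["dst"],
                                rec["dpt"], rec["action"], external))
    return findings


def summarize(findings):
    """Counts a SOC dashboard would want: any VNC use at all means the
    controller still has VNC enabled; external allowed sessions mean the
    network isolation CISA recommends is not in place."""
    return {
        "vnc_connections": len(findings),
        "external_allowed": sum(1 for f in findings if f.external and f.action == "allow"),
        "external_denied": sum(1 for f in findings if f.external and f.action == "deny"),
        "internal": sum(1 for f in findings if not f.external),
    }


def is_rfb_server_greeting(data: bytes) -> bool:
    """True if data starts with an RFB ProtocolVersion message ("RFB xxx.yyy\\n"),
    the 12-byte plaintext greeting a VNC server sends first. Lets a capture
    confirm that a VNC server is answering on a host, whatever port it uses."""
    return re.match(rb"RFB \d{3}\.\d{3}\n", data[:12]) is not None


if __name__ == "__main__":
    for f in find_vnc_access(SAMPLE_LOGS):
        print(f)
    print(summarize(find_vnc_access(SAMPLE_LOGS)))
```

On the constructed sample the script reports four VNC connections, two of them allowed from outside the OT subnet (one from a public address, one from an adjacent corporate range), which is the kind of result that should trigger the update to Version 5.0 and a firewall review rather than a manual check of the controller's menu alone.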

No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time. For further details, please refer to the complete article: Read full article.

This post is licensed under CC BY 4.0 by the author.