Background
Terumo Blood and Cell Technologies is aware of and is currently monitoring RIPPLE20.
As a result, product technical teams are performing technical assessments to determine whether RIPPLE20 presents a measurable cybersecurity risk.
Response
Terumo Blood and Cell Technologies is currently working with each product team and assessing whether and how RIPPLE20 could be used to exploit our products. While some technical assessments have been completed, others are still ongoing.
Terumo Blood and Cell Technologies products that are confirmed to be unaffected by RIPPLE20:
The product list below is available to customers to help identify existing Terumo Blood and Cell Technologies products that have been confirmed to be unaffected by RIPPLE20. The list provided below is not comprehensive and may be updated as more products are assessed. It does not indicate the patch or device status.
- Trima Accel® Automated Blood Collection System
- Trima Accel® Procedure Summary
- Trima KPI Dashboard
- Vista® Information System
- Cadence® Data Collection System
- Spectra Optia® Apheresis System
- Mirasol® Pathogen Reduction Technology
- Reveos® Automated Blood Processing System
- Quantum® Cell Expansion System
- FINIA® Fill and Finish System
- Cell Processing Application
- InfoVu
- TOMEs (Terumo Operational Medical Equipment Software)
- T-RAC II (Terumo Recording & Automatic Blood Collector)
Customers that maintain patches independent of Terumo Blood and Cell Technologies delivery should ensure that these actions are performed as the acting entity responsible for maintaining the correct security posture of the system(s).