Olympus understands the critical role of security in our products and is committed to addressing the security concerns of our customers.
If you have general product security questions, please contact the Olympus Product Security Team at firstname.lastname@example.org.
PRODUCT SECURITY INCIDENT
If you believe there is a security incident involving an Olympus product, please contact the Olympus America Technical Assistance Center at 1-800-848-9024, option 1.
PRODUCT VULNERABILITY, EXPLOIT, or COMPROMISE
If you believe you have discovered a vulnerability in an Olympus product, please complete the following form. Once submitted, the Olympus Product Security Incident Response Team (Olympus-PSIRT) will review and respond to your submission with next steps.
Please note that submitting information on potential vulnerabilities does not create any rights on behalf of the submitting party or obligations on behalf of Olympus. Olympus can use the information at its discretion.
PRODUCT SECURITY DOCUMENTS
Olympus understands the critical role of the security and data privacy measures within our products and is committed to helping our customers understand what measures are available and how they can be configured. This starts with providing industry accepted documentation such as the Manufacturers Disclosure Statement for Medical Device Security (MDS2), which provides a comprehensive overview on the security and data privacy capabilities of the products, as well as detailed instructions on how to securely delete critical data off of the product when no longer necessary.
Additionally, Olympus provides our customers with documentation to help address the vulnerabilities and risks associated with products that process PHI.
To gain access to the Olympus Product Security documents, customers must first register for an Olympus Connect account.
Access documents here
Please find below all advisory communications regarding security events and incidents and their potential impact to Olympus products:
- Olympus Response to Ripple20 Vulnerabilities
- Olympus Response to SweynTooth Vulnerabilities
- Olympus Response to URGENT/11 Vulnerabilities
- Olympus Response to Wind River VxWorks Vulnerabilities (ICSA-19-211-01)
- Olympus Response to Microsoft Remote Desktop Services Remote Execution Vulnerability (CVE-2019-0708)
- Olympus Response to Spectre & Meltdown
- Olympus Response to Wannacry Ransomware Event