Tamil Mathi

Life on the Line: Breaking into a Medical Device by Exploiting TEE/HSM

BIO

Cybersecurity professional with over 7 years of industry experience, holding a Master’s Degree in Cybersecurity from the University of North Carolina at Charlotte (UNCC), USA.


- A Synack bug bounty hunter with certifications including OSCP, Certified Red Team Expert (CRTE), and CEH

- Experience across various domains in cybersecurity such as IoT, Web, Cloud, Mobile and VR space. Strong knowledge of secure design & Threat Modeling, Penetration Testing, Network Security, and Ethical Hacking. Participated in various competitions and CTF challenges.


My blog site: https://medium.com/@tamilmathi_maddy_tamilthurai


ABSTRACT


‘The device designed to save your life could become the one that ends it.’


In this talk, I will expose how critical vulnerabilities in a medical IoT device, used in life-critical environments such as ICUs and ORs, can be abused by attackers to compromise patient safety. As medical devices and embedded systems become increasingly vital to patient care, their security is often overlooked.


I will discuss how adversaries could exploit weaknesses in cryptographic implementations and flawed trusted application designs within Trusted Execution Environments (TEEs)—which are gaining popularity as a low-cost alternative to Hardware Security Modules (HSMs) for critical security operations such as encryption, decryption, signing & verification and secure storage.

However, when developers rely on TEEs without fully understanding their inner workings and implementation details, it can introduce critical security risks. These gaps can allow attackers to bypass a device’s cryptographic protections, exfiltrate sensitive keys, and extract valuable intellectual property (IP), such as an AI-powered algorithm used for patient diagnosis. The compromise of such IP could lead to substantial financial losses for the manufacturer, enable counterfeit device production, or facilitate malicious tampering with patient monitoring systems, posing a serious threat to patients’ lives and safety.


Additionally, improper implementation of the device’s secure storage could be abused by attackers to perform offline attacks, putting the sensitive data at risk. Such attacks can result in the tampering of critical hemodynamic parameters—such as blood pressure, cardiac output, or oxygen levels—leading to inaccurate readings that misguide healthcare professionals. This can trigger the administration of incorrect drug dosages or unnecessary treatments, directly endangering patient safety. In high-stakes environments like ICUs and operating rooms, even a slight deviation in these readings can cause life-threatening complications, from organ failure to cardiac arrest. An attacker gaining control over such a device could not only disrupt patient care but potentially turn the device into a weapon—exploiting the trust placed in these life-saving systems.


Drawing from my extensive experience in embedded medical device security and IoT systems, I observe that ongoing challenges—such as knowledge gaps, complex implementation specifics, and a lack of embedded security best practices—are consistently leading to vulnerabilities like these. In particular, the improper usage of TEEs for cryptographic storage is emerging as a recurring issue.


This session will not only raise awareness of the growing security risks in IoT and TEE-powered systems but will also equip attendees with practical countermeasures to secure devices against such sophisticated and potentially life-threatening attacks.


Tool release:

• I’ll be releasing an open-source tool to find vulnerabilities like this in systems that use TEE & PKCS#11 implementations.

Biohacking Village

Speaker Lab Biohacking Village

2025 Speaker

DEF CON 33

Creator Stage