All the vulnerabilites related to Philips - Patient Information Center iX (PICiX)
cve-2020-16220
Vulnerability from cvelistv5
Published
2020-09-11 13:11
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
Philips Patient Monitoring Devices Improper Validation of Syntactic Correctness of Input
References
| ▼ | URL | Tags |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 | x_refsource_MISC | |
| https://www.philips.com/productsecurity |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:53.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.philips.com/productsecurity"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Patient Information Center iX (PICiX)",
"vendor": "Philips ",
"versions": [
{
"status": "affected",
"version": "C.02"
},
{
"status": "affected",
"version": "C.03"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PerformanceBridge Focal Point",
"vendor": "Philips ",
"versions": [
{
"status": "affected",
"version": "A.01"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Julian Suleder, Nils Emmerich, Birk Kauer of ERNW Research GmbH, Dr. Oliver Matula of ERNW Enno, and Rey Netzwerke GmbH reported these vulnerabilities to the Federal Office for Information Security (BSI), Germany, in the context of the BSI project ManiMed (Manipulation of medical devices), which reported these to Philips."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\nIn Patient Information Center iX (PICiX) Versions C.02, C.03, \nPerformanceBridge Focal Point Version A.01, the product receives input \nthat is expected to be well-formed (i.e., to comply with a certain \nsyntax) but it does not validate or incorrectly validates that the input\n complies with the syntax, causing the certificate enrollment service to\n crash. It does not impact monitoring but prevents new devices from \nenrolling.\n\n\u003c/p\u003e"
}
],
"value": "In Patient Information Center iX (PICiX) Versions C.02, C.03, \nPerformanceBridge Focal Point Version A.01, the product receives input \nthat is expected to be well-formed (i.e., to comply with a certain \nsyntax) but it does not validate or incorrectly validates that the input\n complies with the syntax, causing the certificate enrollment service to\n crash. It does not impact monitoring but prevents new devices from \nenrolling.\n\n\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286 Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T21:00:57.133Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"url": "https://www.philips.com/productsecurity"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003ePhilips released the following versions to remediate reported vulnerabilities:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePatient Information Center iX (PICiX) Version C.03\u003c/li\u003e\n\u003cli\u003ePerformanceBridge Focal Point\u003c/li\u003e\n\u003cli\u003eCertificate revocation within the system was implemented for PIC iX and Performance Bridge FocalPoint.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Philips released the following versions to remediate reported vulnerabilities:\n\n\n\n * Patient Information Center iX (PICiX) Version C.03\n\n * PerformanceBridge Focal Point\n\n * Certificate revocation within the system was implemented for PIC iX and Performance Bridge FocalPoint.\n\n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Philips Patient Monitoring Devices Improper Validation of Syntactic Correctness of Input",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eAs a mitigation to these vulnerabilities, Philips recommends the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://incenter.medical.philips.com/\"\u003eInCenter\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eBy default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\u003c/li\u003e\n\u003cli\u003eWhen enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\u003c/li\u003e\n\u003cli\u003eImplement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\u003c/li\u003e\n\u003cli\u003eOnly grant remote access to PIC iX servers on a must-have basis.\u003c/li\u003e\n\u003cli\u003eGrant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.usa.philips.com/healthcare/solutions/customer-service-solutions\"\u003ePhilips service support team, or regional service support\u003c/a\u003e, or call 1-800-722-9377.\u003c/p\u003e\n\u003cp\u003ePlease see the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.philips.com/productsecurity\"\u003ePhilips product security website\u003c/a\u003e for the Philips advisory and the latest security information for Philips products.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "As a mitigation to these vulnerabilities, Philips recommends the following:\n\n\n\n * The Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on InCenter https://incenter.medical.philips.com/ .\n\n * By default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\n\n * When enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\n\n * Implement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\n\n * Only grant remote access to PIC iX servers on a must-have basis.\n\n * Grant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\n\n\n\n\nUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local Philips service support team, or regional service support https://www.usa.philips.com/healthcare/solutions/customer-service-solutions , or call 1-800-722-9377.\n\n\nPlease see the Philips product security website https://www.philips.com/productsecurity for the Philips advisory and the latest security information for Philips products.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-16220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Philips Patient Information Center iX (PICiX), PerformanceBridge Focal Point, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90, IntelliVue X3 and X2.",
"version": {
"version_data": [
{
"version_value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. The product receives input that is expected to be well-formed (i.e., to comply with a certain syntax) but it does not validate or incorrectly validates that the input complies with the syntax, causing the certificate enrollment service to crash. It does not impact monitoring but prevents new devices from enrolling."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER VALIDATION OF SYNTACTIC CORRECTNESS OF INPUT CWE-1286"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-16220",
"datePublished": "2020-09-11T13:11:22",
"dateReserved": "2020-07-31T00:00:00",
"dateUpdated": "2024-08-04T13:37:53.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16218
Vulnerability from cvelistv5
Published
2020-09-11 12:50
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
Philips Patient Monitoring Devices Cross-site Scripting
References
| ▼ | URL | Tags |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 | x_refsource_MISC | |
| https://www.philips.com/productsecurity |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Philips | Patient Information Center iX (PICiX) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.157Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.philips.com/productsecurity"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Patient Information Center iX (PICiX)",
"vendor": "Philips",
"versions": [
{
"status": "affected",
"version": "B.02"
},
{
"status": "affected",
"version": "C.02"
},
{
"status": "affected",
"version": "C.03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Julian Suleder, Nils Emmerich, Birk Kauer of ERNW Research GmbH, Dr. Oliver Matula of ERNW Enno, and Rey Netzwerke GmbH reported these vulnerabilities to the Federal Office for Information Security (BSI), Germany, in the context of the BSI project ManiMed (Manipulation of medical devices), which reported these to Philips."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\nIn Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the \nsoftware does not neutralize or incorrectly neutralizes \nuser-controllable input before it is placed in output that is then used \nas a webpage and served to other users. Successful exploitation could \nlead to unauthorized access to patient data via a read-only web \napplication.\n\n\u003c/p\u003e"
}
],
"value": "In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the \nsoftware does not neutralize or incorrectly neutralizes \nuser-controllable input before it is placed in output that is then used \nas a webpage and served to other users. Successful exploitation could \nlead to unauthorized access to patient data via a read-only web \napplication.\n\n\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T20:43:17.263Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"url": "https://www.philips.com/productsecurity"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003ePhilips released the following versions to remediate reported vulnerabilities:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePatient Information Center iX (PICiX) Version C.03\u003c/li\u003e\n\u003cli\u003eCertificate revocation within the system was implemented for PIC iX.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Philips released the following versions to remediate reported vulnerabilities:\n\n\n\n * Patient Information Center iX (PICiX) Version C.03\n\n * Certificate revocation within the system was implemented for PIC iX.\n\n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Philips Patient Monitoring Devices Cross-site Scripting",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eAs a mitigation to these vulnerabilities, Philips recommends the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://incenter.medical.philips.com/\"\u003eInCenter\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eBy default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\u003c/li\u003e\n\u003cli\u003eWhen enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\u003c/li\u003e\n\u003cli\u003eImplement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\u003c/li\u003e\n\u003cli\u003eOnly grant remote access to PIC iX servers on a must-have basis.\u003c/li\u003e\n\u003cli\u003eGrant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.usa.philips.com/healthcare/solutions/customer-service-solutions\"\u003ePhilips service support team, or regional service support\u003c/a\u003e, or call 1-800-722-9377.\u003c/p\u003e\n\u003cp\u003ePlease see the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.philips.com/productsecurity\"\u003ePhilips product security website\u003c/a\u003e for the Philips advisory and the latest security information for Philips products.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "As a mitigation to these vulnerabilities, Philips recommends the following:\n\n\n\n * The Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on InCenter https://incenter.medical.philips.com/ .\n\n * By default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\n\n * When enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\n\n * Implement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\n\n * Only grant remote access to PIC iX servers on a must-have basis.\n\n * Grant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\n\n\n\n\nUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local Philips service support team, or regional service support https://www.usa.philips.com/healthcare/solutions/customer-service-solutions , or call 1-800-722-9377.\n\n\nPlease see the Philips product security website https://www.philips.com/productsecurity for the Philips advisory and the latest security information for Philips products.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-16218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Philips Patient Information Center iX (PICiX), PerformanceBridge Focal Point, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90, IntelliVue X3 and X2.",
"version": {
"version_data": [
{
"version_value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is then used as a webpage and served to other users. Successful exploitation could lead to unauthorized access to patient data via a read-only web application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION (\u0027CROSS-SITE SCRIPTING\u0027) CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-16218",
"datePublished": "2020-09-11T12:50:08",
"dateReserved": "2020-07-31T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.157Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16214
Vulnerability from cvelistv5
Published
2020-09-11 12:53
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
Philips Patient Monitoring Devices Improper Neutralization of Formula Elements in a CSV File
References
| ▼ | URL | Tags |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 | x_refsource_MISC | |
| https://www.philips.com/productsecurity |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Philips | Patient Information Center iX (PICiX) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:53.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.philips.com/productsecurity"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Patient Information Center iX (PICiX)",
"vendor": "Philips ",
"versions": [
{
"status": "affected",
"version": "B.02"
},
{
"status": "affected",
"version": "C.02"
},
{
"status": "affected",
"version": "C.03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Julian Suleder, Nils Emmerich, Birk Kauer of ERNW Research GmbH, Dr. Oliver Matula of ERNW Enno, and Rey Netzwerke GmbH reported these vulnerabilities to the Federal Office for Information Security (BSI), Germany, in the context of the BSI project ManiMed (Manipulation of medical devices), which reported these to Philips."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\nIn Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the \nsoftware saves user-provided information into a comma-separated value \n(CSV) file, but it does not neutralize or incorrectly neutralizes \nspecial elements that could be interpreted as a command when the file is\n opened by spreadsheet software.\n\n\u003c/p\u003e"
}
],
"value": "In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the \nsoftware saves user-provided information into a comma-separated value \n(CSV) file, but it does not neutralize or incorrectly neutralizes \nspecial elements that could be interpreted as a command when the file is\n opened by spreadsheet software.\n\n\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T20:37:00.663Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"url": "https://www.philips.com/productsecurity"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003ePhilips released the following versions to remediate reported vulnerabilities:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePatient Information Center iX (PICiX) Version C.03\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Philips released the following versions to remediate reported vulnerabilities:\n\n\n\n * Patient Information Center iX (PICiX) Version C.03\n\n\n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Philips Patient Monitoring Devices Improper Neutralization of Formula Elements in a CSV File",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eAs a mitigation to these vulnerabilities, Philips recommends the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://incenter.medical.philips.com/\"\u003eInCenter\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eBy default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\u003c/li\u003e\n\u003cli\u003eWhen enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\u003c/li\u003e\n\u003cli\u003eImplement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\u003c/li\u003e\n\u003cli\u003eOnly grant remote access to PIC iX servers on a must-have basis.\u003c/li\u003e\n\u003cli\u003eGrant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.usa.philips.com/healthcare/solutions/customer-service-solutions\"\u003ePhilips service support team, or regional service support\u003c/a\u003e, or call 1-800-722-9377.\u003c/p\u003e\n\u003cp\u003ePlease see the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.philips.com/productsecurity\"\u003ePhilips product security website\u003c/a\u003e for the Philips advisory and the latest security information for Philips products.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "As a mitigation to these vulnerabilities, Philips recommends the following:\n\n\n\n * The Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on InCenter https://incenter.medical.philips.com/ .\n\n * By default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\n\n * When enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\n\n * Implement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\n\n * Only grant remote access to PIC iX servers on a must-have basis.\n\n * Grant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\n\n\n\n\nUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local Philips service support team, or regional service support https://www.usa.philips.com/healthcare/solutions/customer-service-solutions , or call 1-800-722-9377.\n\n\nPlease see the Philips product security website https://www.philips.com/productsecurity for the Philips advisory and the latest security information for Philips products.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-16214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Philips Patient Information Center iX (PICiX), PerformanceBridge Focal Point, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90, IntelliVue X3 and X2.",
"version": {
"version_data": [
{
"version_value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. The software saves user-provided information into a comma-separated value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER NEUTRALIZATION OF FORMULA ELEMENTS IN A CSV FILE CWE-1236"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-16214",
"datePublished": "2020-09-11T12:53:15",
"dateReserved": "2020-07-31T00:00:00",
"dateUpdated": "2024-08-04T13:37:53.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16222
Vulnerability from cvelistv5
Published
2020-09-11 12:55
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
Philips Patient Monitoring Devices Improper Authentication
References
| ▼ | URL | Tags |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 | x_refsource_MISC | |
| https://www.philips.com/productsecurity |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.092Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.philips.com/productsecurity"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Patient Information Center iX (PICiX)",
"vendor": "Philips",
"versions": [
{
"status": "affected",
"version": "B.02"
},
{
"status": "affected",
"version": "C.02"
},
{
"status": "affected",
"version": "C.03"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PerformanceBridge Focal Point",
"vendor": "Philips",
"versions": [
{
"status": "affected",
"version": "A.01"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Julian Suleder, Nils Emmerich, Birk Kauer of ERNW Research GmbH, Dr. Oliver Matula of ERNW Enno, and Rey Netzwerke GmbH reported these vulnerabilities to the Federal Office for Information Security (BSI), Germany, in the context of the BSI project ManiMed (Manipulation of medical devices), which reported these to Philips."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\nIn Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and \nPerformanceBridge Focal Point Version A.01, when an actor claims to have\n a given identity, the software does not prove or insufficiently proves \nthe claim is correct.\n\n"
}
],
"value": "In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and \nPerformanceBridge Focal Point Version A.01, when an actor claims to have\n a given identity, the software does not prove or insufficiently proves \nthe claim is correct.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T20:47:05.737Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"url": "https://www.philips.com/productsecurity"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003ePhilips released the following versions to remediate reported vulnerabilities:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePatient Information Center iX (PICiX) Version C.03\u003c/li\u003e\n\u003cli\u003ePerformanceBridge Focal Point\u003c/li\u003e\n\u003cli\u003eCertificate revocation within the system was implemented for PIC iX \nand Performance Bridge FocalPoint.\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Philips released the following versions to remediate reported vulnerabilities:\n\n\n\n * Patient Information Center iX (PICiX) Version C.03\n\n * PerformanceBridge Focal Point\n\n * Certificate revocation within the system was implemented for PIC iX \nand Performance Bridge FocalPoint.\n\n\n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Philips Patient Monitoring Devices Improper Authentication",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eAs a mitigation to these vulnerabilities, Philips recommends the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://incenter.medical.philips.com/\"\u003eInCenter\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eBy default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\u003c/li\u003e\n\u003cli\u003eWhen enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\u003c/li\u003e\n\u003cli\u003eImplement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\u003c/li\u003e\n\u003cli\u003eOnly grant remote access to PIC iX servers on a must-have basis.\u003c/li\u003e\n\u003cli\u003eGrant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.usa.philips.com/healthcare/solutions/customer-service-solutions\"\u003ePhilips service support team, or regional service support\u003c/a\u003e, or call 1-800-722-9377.\u003c/p\u003e\n\u003cp\u003ePlease see the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.philips.com/productsecurity\"\u003ePhilips product security website\u003c/a\u003e for the Philips advisory and the latest security information for Philips products.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "As a mitigation to these vulnerabilities, Philips recommends the following:\n\n\n\n * The Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on InCenter https://incenter.medical.philips.com/ .\n\n * By default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\n\n * When enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\n\n * Implement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\n\n * Only grant remote access to PIC iX servers on a must-have basis.\n\n * Grant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\n\n\n\n\nUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local Philips service support team, or regional service support https://www.usa.philips.com/healthcare/solutions/customer-service-solutions , or call 1-800-722-9377.\n\n\nPlease see the Philips product security website https://www.philips.com/productsecurity for the Philips advisory and the latest security information for Philips products.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-16222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Philips Patient Information Center iX (PICiX), PerformanceBridge Focal Point, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90, IntelliVue X3 and X2.",
"version": {
"version_data": [
{
"version_value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. When an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER AUTHENTICATION CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-16222",
"datePublished": "2020-09-11T12:55:23",
"dateReserved": "2020-07-31T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16224
Vulnerability from cvelistv5
Published
2020-09-11 13:05
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
Philips Patient Monitoring Devices Improper Handling of Length Parameter Inconsistency
References
| ▼ | URL | Tags |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 | x_refsource_MISC | |
| https://www.philips.com/productsecurity |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Philips | Patient Information Center iX (PICiX) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:53.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.philips.com/productsecurity"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Patient Information Center iX (PICiX)",
"vendor": "Philips ",
"versions": [
{
"status": "affected",
"version": "C.02"
},
{
"status": "affected",
"version": "C.03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Julian Suleder, Nils Emmerich, Birk Kauer of ERNW Research GmbH, Dr. Oliver Matula of ERNW Enno, and Rey Netzwerke GmbH reported these vulnerabilities to the Federal Office for Information Security (BSI), Germany, in the context of the BSI project ManiMed (Manipulation of medical devices), which reported these to Philips."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\nIn Patient Information Center iX (PICiX) Versions C.02, C.03, the \nsoftware parses a formatted message or structure but does not handle or \nincorrectly handles a length field that is inconsistent with the actual \nlength of the associated data, causing the application on the \nsurveillance station to restart.\n\n\u003c/p\u003e"
}
],
"value": "In Patient Information Center iX (PICiX) Versions C.02, C.03, the \nsoftware parses a formatted message or structure but does not handle or \nincorrectly handles a length field that is inconsistent with the actual \nlength of the associated data, causing the application on the \nsurveillance station to restart.\n\n\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-130",
"description": "CWE-130 Improper Handling of Length Parameter Inconsistency",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T20:55:58.162Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"url": "https://www.philips.com/productsecurity"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003ePhilips released the following versions to remediate reported vulnerabilities:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePatient Information Center iX (PICiX) Version C.03\u003c/li\u003e\n\u003cli\u003eCertificate revocation within the system was implemented for PIC iX.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Philips released the following versions to remediate reported vulnerabilities:\n\n\n\n * Patient Information Center iX (PICiX) Version C.03\n\n * Certificate revocation within the system was implemented for PIC iX.\n\n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Philips Patient Monitoring Devices Improper Handling of Length Parameter Inconsistency",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eAs a mitigation to these vulnerabilities, Philips recommends the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://incenter.medical.philips.com/\"\u003eInCenter\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eBy default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\u003c/li\u003e\n\u003cli\u003eWhen enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\u003c/li\u003e\n\u003cli\u003eImplement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\u003c/li\u003e\n\u003cli\u003eOnly grant remote access to PIC iX servers on a must-have basis.\u003c/li\u003e\n\u003cli\u003eGrant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.usa.philips.com/healthcare/solutions/customer-service-solutions\"\u003ePhilips service support team, or regional service support\u003c/a\u003e, or call 1-800-722-9377.\u003c/p\u003e\n\u003cp\u003ePlease see the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.philips.com/productsecurity\"\u003ePhilips product security website\u003c/a\u003e for the Philips advisory and the latest security information for Philips products.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "As a mitigation to these vulnerabilities, Philips recommends the following:\n\n\n\n * The Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on InCenter https://incenter.medical.philips.com/ .\n\n * By default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\n\n * When enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\n\n * Implement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\n\n * Only grant remote access to PIC iX servers on a must-have basis.\n\n * Grant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\n\n\n\n\nUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local Philips service support team, or regional service support https://www.usa.philips.com/healthcare/solutions/customer-service-solutions , or call 1-800-722-9377.\n\n\nPlease see the Philips product security website https://www.philips.com/productsecurity for the Philips advisory and the latest security information for Philips products.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-16224",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Philips Patient Information Center iX (PICiX), PerformanceBridge Focal Point, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90, IntelliVue X3 and X2.",
"version": {
"version_data": [
{
"version_value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. The software parses a formatted message or structure but does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data, causing the application on the surveillance station to restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER HANDLING OF LENGTH PARAMETER INCONSISTENCY CWE-130"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-16224",
"datePublished": "2020-09-11T13:05:19",
"dateReserved": "2020-07-31T00:00:00",
"dateUpdated": "2024-08-04T13:37:53.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16212
Vulnerability from cvelistv5
Published
2020-09-11 13:13
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
Philips Patient Monitoring Devices Exposure of Resource to Wrong Sphere
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Philips | Patient Information Center iX (PICiX) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.philips.com/productsecurity"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Patient Information Center iX (PICiX)",
"vendor": "Philips",
"versions": [
{
"status": "affected",
"version": "B.02"
},
{
"status": "affected",
"version": "C.02"
},
{
"status": "affected",
"version": "C.03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Julian Suleder, Nils Emmerich, Birk Kauer of ERNW Research GmbH, Dr. Oliver Matula of ERNW Enno, and Rey Netzwerke GmbH reported these vulnerabilities to the Federal Office for Information Security (BSI), Germany, in the context of the BSI project ManiMed (Manipulation of medical devices), which reported these to Philips."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. The application on the surveillance station operates in kiosk mode, which is vulnerable to local breakouts that could allow an attacker with physical access to escape the restricted environment with limited privileges."
}
],
"value": "In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. The application on the surveillance station operates in kiosk mode, which is vulnerable to local breakouts that could allow an attacker with physical access to escape the restricted environment with limited privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-668",
"description": "CWE-668 Exposure of Resource to Wrong Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T18:24:53.053Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"url": "https://www.philips.com/productsecurity"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Philips released the following versions to remediate reported vulnerabilities:\u003cbr\u003e\u003cbr\u003e* Patient Information Center iX (PICiX) Version C.03\u003cbr\u003e* Certificate revocation within the system was implemented for PIC iX and Performance Bridge FocalPoint in 2023. The implementation of the IntelliVue Patient Monitors will be completed in Q3 of 2024.\u003cbr\u003e"
}
],
"value": "Philips released the following versions to remediate reported vulnerabilities:\n\n* Patient Information Center iX (PICiX) Version C.03\n* Certificate revocation within the system was implemented for PIC iX and Performance Bridge FocalPoint in 2023. The implementation of the IntelliVue Patient Monitors will be completed in Q3 of 2024.\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Philips Patient Monitoring Devices Exposure of Resource to Wrong Sphere",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "As a mitigation to these vulnerabilities, Philips recommends the following:\u003cbr\u003e* The Philips patient monitoring network is required to be physically or logically isolated from the hospital local area network (LAN). Philips recommends using a firewall or routers that can implement access control lists restricting access in and out of the patient monitoring network for only necessary ports and IP addresses. Refer to the Philips Patient Monitoring System Security for Clinical Networks guide for additional information on [InCenter](\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://incenter.medical.philips.com/)\"\u003ehttps://incenter.medical.philips.com/)\u003c/a\u003e.\u003cbr\u003e* By default, the simple certificate enrollment protocol (SCEP) service is not running. When needed, the service is configured to run based on the duration or the number of certificates to be assigned. One certificate is default, but if a certificate is not issued, the service will continue to run. Limit exposure by ensuring the SCEP service is not running unless it is actively being used to enroll new devices.\u003cbr\u003e* When enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\u003cbr\u003e* Implement physical security controls to prevent unauthorized login attempts on the PIC iX application. Servers should be kept in controlled locked data centers. Access to equipment at nurses\u2019 stations should be controlled and monitored.\u003cbr\u003e* Only grant remote access to PIC iX servers on a must-have basis.\u003cbr\u003e* Grant login privileges to the bedside monitor and PIC iX application on a role-based, least-privilege basis, and only to trusted users.\u003cbr\u003e \u003cbr\u003eUsers with questions regarding their specific Philips Patient Information Center (PIC iX) and/or IntelliVue patient monitor installations and new release eligibility should contact their local Philips service support team, or regional service support (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.usa.philips.com/healthcare/solutions/customer-service-solutions\"\u003ehttps://www.usa.philips.com/healthcare/solutions/customer-service-solutions\u003c/a\u003e), or call 1-800-722-9377.\u003cbr\u003e\u003cbr\u003ePlease see the Philips product security website (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.philips.com/productsecurity\"\u003ehttps://www.philips.com/productsecurity\u003c/a\u003e) for the Philips advisory and the latest security information for Philips products.\u003cbr\u003e"
}
],
"value": "As a mitigation to these vulnerabilities, Philips recommends the following:\n* The Philips patient monitoring network is required to be physically or logically isolated from the hospital local area network (LAN). Philips recommends using a firewall or routers that can implement access control lists restricting access in and out of the patient monitoring network for only necessary ports and IP addresses. Refer to the Philips Patient Monitoring System Security for Clinical Networks guide for additional information on [InCenter]( https://incenter.medical.philips.com/) https://incenter.medical.philips.com/) .\n* By default, the simple certificate enrollment protocol (SCEP) service is not running. When needed, the service is configured to run based on the duration or the number of certificates to be assigned. One certificate is default, but if a certificate is not issued, the service will continue to run. Limit exposure by ensuring the SCEP service is not running unless it is actively being used to enroll new devices.\n* When enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\n* Implement physical security controls to prevent unauthorized login attempts on the PIC iX application. Servers should be kept in controlled locked data centers. Access to equipment at nurses\u2019 stations should be controlled and monitored.\n* Only grant remote access to PIC iX servers on a must-have basis.\n* Grant login privileges to the bedside monitor and PIC iX application on a role-based, least-privilege basis, and only to trusted users.\n \nUsers with questions regarding their specific Philips Patient Information Center (PIC iX) and/or IntelliVue patient monitor installations and new release eligibility should contact their local Philips service support team, or regional service support ( https://www.usa.philips.com/healthcare/solutions/customer-service-solutions https://www.usa.philips.com/healthcare/solutions/customer-service-solutions ), or call 1-800-722-9377.\n\nPlease see the Philips product security website ( https://www.philips.com/productsecurity https://www.philips.com/productsecurity ) for the Philips advisory and the latest security information for Philips products.\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-16212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Philips Patient Information Center iX (PICiX), PerformanceBridge Focal Point, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90, IntelliVue X3 and X2.",
"version": {
"version_data": [
{
"version_value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. The application on the surveillance station operates in kiosk mode, which is vulnerable to local breakouts that could allow an attacker with physical access to escape the restricted environment with limited privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "EXPOSURE OF RESOURCE TO WRONG SPHERE CWE-668"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-16212",
"datePublished": "2020-09-11T13:13:35",
"dateReserved": "2020-07-31T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16228
Vulnerability from cvelistv5
Published
2020-09-11 12:58
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
Philips Patient Monitoring Devices Improper Check for Certificate Revocation
References
| ▼ | URL | Tags |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 | x_refsource_MISC | |
| https://www.philips.com/productsecurity |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.philips.com/productsecurity"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Patient Information Center iX (PICiX)",
"vendor": "Philips ",
"versions": [
{
"status": "affected",
"version": "C.02"
},
{
"status": "affected",
"version": "C.03"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PerformanceBridge Focal Point",
"vendor": "Philips ",
"versions": [
{
"status": "affected",
"version": "A.01"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IntelliVue patient monitors",
"vendor": "Philips ",
"versions": [
{
"status": "affected",
"version": "MX100"
},
{
"status": "affected",
"version": "MX400-MX550"
},
{
"status": "affected",
"version": "MX750"
},
{
"status": "affected",
"version": "MX850"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IntelliVue X3",
"vendor": "Philips ",
"versions": [
{
"lessThanOrEqual": "N ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Julian Suleder, Nils Emmerich, Birk Kauer of ERNW Research GmbH, Dr. Oliver Matula of ERNW Enno, and Rey Netzwerke GmbH reported these vulnerabilities to the Federal Office for Information Security (BSI), Germany, in the context of the BSI project ManiMed (Manipulation of medical devices), which reported these to Philips."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\nIn Patient Information Center iX (PICiX) Versions C.02 and C.03, \nPerformanceBridge Focal Point Version A.01, IntelliVue patient monitors \nMX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and \nprior, the software does not check or incorrectly checks the revocation \nstatus of a certificate, which may cause it to use a compromised \ncertificate.\n\n\u003c/p\u003e"
}
],
"value": "In Patient Information Center iX (PICiX) Versions C.02 and C.03, \nPerformanceBridge Focal Point Version A.01, IntelliVue patient monitors \nMX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and \nprior, the software does not check or incorrectly checks the revocation \nstatus of a certificate, which may cause it to use a compromised \ncertificate.\n\n\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-299",
"description": "CWE-299 Improper Check for Certificate Revocation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T20:52:52.755Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
},
{
"url": "https://www.philips.com/productsecurity"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003ePhilips released the following versions to remediate reported vulnerabilities:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePatient Information Center iX (PICiX) Version C.03\u003c/li\u003e\n\u003cli\u003ePerformanceBridge Focal Point\u003c/li\u003e\n\u003cli\u003eIntelliVue Patient Monitors Versions N.00 and N.01\u003c/li\u003e\n\u003cli\u003eIntelliVue Patient Monitors Version M.04: Contact a \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.usa.philips.com/healthcare/solutions/customer-service-solutions\"\u003ePhilips service support team\u003c/a\u003e for an upgrade path\u003c/li\u003e\n\u003cli\u003eCertificate revocation within the system was implemented for PIC iX \nand Performance Bridge FocalPoint in 2023. The implementation of the \nIntelliVue Patient Monitors will be completed in Q3 of 2024.\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Philips released the following versions to remediate reported vulnerabilities:\n\n\n\n * Patient Information Center iX (PICiX) Version C.03\n\n * PerformanceBridge Focal Point\n\n * IntelliVue Patient Monitors Versions N.00 and N.01\n\n * IntelliVue Patient Monitors Version M.04: Contact a Philips service support team https://www.usa.philips.com/healthcare/solutions/customer-service-solutions for an upgrade path\n\n * Certificate revocation within the system was implemented for PIC iX \nand Performance Bridge FocalPoint in 2023. The implementation of the \nIntelliVue Patient Monitors will be completed in Q3 of 2024.\n\n\n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Philips Patient Monitoring Devices Improper Check for Certificate Revocation",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eAs a mitigation to these vulnerabilities, Philips recommends the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://incenter.medical.philips.com/\"\u003eInCenter\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eBy default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\u003c/li\u003e\n\u003cli\u003eWhen enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\u003c/li\u003e\n\u003cli\u003eImplement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\u003c/li\u003e\n\u003cli\u003eOnly grant remote access to PIC iX servers on a must-have basis.\u003c/li\u003e\n\u003cli\u003eGrant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.usa.philips.com/healthcare/solutions/customer-service-solutions\"\u003ePhilips service support team, or regional service support\u003c/a\u003e, or call 1-800-722-9377.\u003c/p\u003e\n\u003cp\u003ePlease see the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.philips.com/productsecurity\"\u003ePhilips product security website\u003c/a\u003e for the Philips advisory and the latest security information for Philips products.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "As a mitigation to these vulnerabilities, Philips recommends the following:\n\n\n\n * The Philips patient monitoring network is required to be physically \nor logically isolated from the hospital local area network (LAN). \nPhilips recommends using a firewall or routers that can implement access\n control lists restricting access in and out of the patient monitoring \nnetwork for only necessary ports and IP addresses. Refer to the Philips \nPatient Monitoring System Security for Clinical Networks guide for \nadditional information on InCenter https://incenter.medical.philips.com/ .\n\n * By default, the simple certificate enrollment protocol (SCEP) \nservice is not running. When needed, the service is configured to run \nbased on the duration or the number of certificates to be assigned. One \ncertificate is default, but if a certificate is not issued, the service \nwill continue to run. Limit exposure by ensuring the SCEP service is not\n running unless it is actively being used to enroll new devices.\n\n * When enrolling new devices using SCEP, enter a unique challenge password of 8-12 unpredictable and randomized digits.\n\n * Implement physical security controls to prevent unauthorized login \nattempts on the PIC iX application. Servers should be kept in controlled\n locked data centers. Access to equipment at nurses\u2019 stations should be \ncontrolled and monitored.\n\n * Only grant remote access to PIC iX servers on a must-have basis.\n\n * Grant login privileges to the bedside monitor and PIC iX application\n on a role-based, least-privilege basis, and only to trusted users.\n\n\n\n\nUsers with questions regarding their specific Philips Patient \nInformation Center (PIC iX) and/or IntelliVue patient monitor \ninstallations and new release eligibility should contact their local Philips service support team, or regional service support https://www.usa.philips.com/healthcare/solutions/customer-service-solutions , or call 1-800-722-9377.\n\n\nPlease see the Philips product security website https://www.philips.com/productsecurity for the Philips advisory and the latest security information for Philips products.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-16228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Philips Patient Information Center iX (PICiX), PerformanceBridge Focal Point, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90, IntelliVue X3 and X2.",
"version": {
"version_data": [
{
"version_value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. The software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a compromised certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER CHECK FOR CERTIFICATE REVOCATION CWE-299"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-16228",
"datePublished": "2020-09-11T12:58:13",
"dateReserved": "2020-07-31T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}