Authentication bypass in Philips Ultrasound Systems

Published: 2020-06-26

Risk	Low
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2020-14477
CWE-ID	CWE-288
Exploitation vector	Local
Public exploit	N/A
Vulnerable software Subscribe	Ultrasound ClearVue Hardware solutions / Medical equipment Ultrasound CX Hardware solutions / Medical equipment Ultrasound EPIQ Hardware solutions / Medical equipment Ultrasound Affiniti Hardware solutions / Medical equipment Ultrasound Sparq Hardware solutions / Medical equipment Ultrasound Xperius Hardware solutions / Medical equipment
Vendor	Philips

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Authentication bypass using an alternate path or channel

EUVDB-ID: #VU29305

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-14477

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to bypass authentication process.

The vulnerability exist due to improper implementation of the authentication process. A local user can use an alternate path or channel that does not require authentication of the alternate service login to view or modify information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Ultrasound ClearVue: 3.2

Ultrasound CX: 5.0.2

Ultrasound EPIQ: 5.0

Ultrasound Affiniti: 5.0

Ultrasound Sparq: 3.0.2

Ultrasound Xperius: All versions

Fixed software versions

CPE2.3

cpe:2.3:h:philips:ultrasound_clearvue:*:*:*:*:*:*:*:*

External links

http://ics-cert.us-cert.gov/advisories/icsma-20-177-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?