Multiple vulnerabilities in Philips Patient Monitoring Devices



Published: 2020-09-11 | Updated: 2020-09-11
Risk Medium
Patch available NO
Number of vulnerabilities 8
CVE-ID CVE-2020-16214
CVE-2020-16218
CVE-2020-16222
CVE-2020-16228
CVE-2020-16224
CVE-2020-16220
CVE-2020-16216
CVE-2020-16212
CWE-ID CWE-94
CWE-79
CWE-287
CWE-299
CWE-130
CWE-20
Exploitation vector Local network
Public exploit N/A
Vulnerable software
Subscribe
Patient Information Center iX
Hardware solutions / Medical equipment

PerformanceBridge Focal Point
Hardware solutions / Medical equipment

IntelliVue patient monitors MX100
Hardware solutions / Medical equipment

IntelliVue patient monitors MX400
Hardware solutions / Medical equipment

IntelliVue patient monitors MX430
Hardware solutions / Medical equipment

IntelliVue patient monitors MX450
Hardware solutions / Medical equipment

IntelliVue patient monitors MX500
Hardware solutions / Medical equipment

IntelliVue patient monitors MX550
Hardware solutions / Medical equipment

IntelliVue patient monitors MX850
Hardware solutions / Medical equipment

IntelliVue patient monitors MX750
Hardware solutions / Medical equipment

IntelliVue X3
Hardware solutions / Medical equipment

IntelliVue patient monitors MX600
Hardware solutions / Medical equipment

IntelliVue patient monitors MX700
Hardware solutions / Medical equipment

IntelliVue patient monitors MX800
Hardware solutions / Medical equipment

IntelliVue patient monitors MP2
Hardware solutions / Medical equipment

IntelliVue patient monitors MP5
Hardware solutions / Medical equipment

IntelliVue patient monitors MP20
Hardware solutions / Medical equipment

IntelliVue patient monitors MP30
Hardware solutions / Medical equipment

IntelliVue patient monitors MP40
Hardware solutions / Medical equipment

IntelliVue patient monitors MP50
Hardware solutions / Medical equipment

IntelliVue patient monitors MP60
Hardware solutions / Medical equipment

IntelliVue patient monitors MP70
Hardware solutions / Medical equipment

IntelliVue patient monitors MP80
Hardware solutions / Medical equipment

IntelliVue patient monitors MP90
Hardware solutions / Medical equipment

IntelliVue X2
Hardware solutions / Medical equipment

Vendor Philips

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

1) CSV Injection

EUVDB-ID: #VU46646

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-16214

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a local user to inject arbitrary data into CSV files.

The vulnerability exists due to improper input validation when generating CSV files. A local administrator can create specially crafted CSV files and trick the victim into exporting the file with malicious content.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Patient Information Center iX: B.02 - C.03


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-20-254-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Cross-site scripting

EUVDB-ID: #VU46647

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-16218

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote authenticated attacker on the local network can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Patient Information Center iX: B.02 - C.03


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-20-254-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Improper Authentication

EUVDB-ID: #VU46648

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-16222

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. A remote attacker on the local network can bypass authentication process and gain unauthorized access to the application.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Patient Information Center iX: B.02 - C.03

PerformanceBridge Focal Point: A.01


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-20-254-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Improper Check for Certificate Revocation

EUVDB-ID: #VU46649

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-16228

CWE-ID: CWE-299 - Improper Check for Certificate Revocation

Exploit availability: No

Description

The vulnerability allows a remote user to compromise the target system.

The vulnerability exists due to the affected software does not check or incorrectly checks the revocation status of a certificate. A remote administrator on the local network can compromise certificate.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Patient Information Center iX: B.02 - C.03

IntelliVue patient monitors MX100: N

IntelliVue patient monitors MX400: N

IntelliVue patient monitors MX430: N

IntelliVue patient monitors MX450: N

IntelliVue patient monitors MX500: N

IntelliVue patient monitors MX550: N

IntelliVue patient monitors MX850: N

IntelliVue patient monitors MX750: N

IntelliVue X3: N


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-20-254-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Improper Handling of Length Parameter Inconsistency

EUVDB-ID: #VU46650

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-16224

CWE-ID: CWE-130 - Improper Handling of Length Parameter Inconsistency

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the affected software parses a formatted message or structure but does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data. A remote attacker on the local network can cause the application on the surveillance station to restart.  

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Patient Information Center iX: C.02 - C.03


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-20-254-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Input validation error

EUVDB-ID: #VU46651

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-16220

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of syntactic correctness of input. A remote attacker on the local network can pass specially crafted input to the application and crash the certificate enrollment service.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Patient Information Center iX: C.02 - C.03

PerformanceBridge Focal Point: A.01


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-20-254-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Input validation error

EUVDB-ID: #VU46652

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-16216

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

IntelliVue patient monitors MX100: N

IntelliVue patient monitors MX400: N

IntelliVue patient monitors MX430: N

IntelliVue patient monitors MX450: N

IntelliVue patient monitors MX500: N

IntelliVue patient monitors MX550: N

IntelliVue patient monitors MX600: N

IntelliVue patient monitors MX700: N

IntelliVue patient monitors MX750: N

IntelliVue patient monitors MX800: N

IntelliVue patient monitors MX850: N

IntelliVue patient monitors MP2: N

IntelliVue patient monitors MP5: N

IntelliVue patient monitors MP20: N

IntelliVue patient monitors MP30: N

IntelliVue patient monitors MP40: N

IntelliVue patient monitors MP50: N

IntelliVue patient monitors MP60: N

IntelliVue patient monitors MP70: N

IntelliVue patient monitors MP80: N

IntelliVue patient monitors MP90: N

IntelliVue X3: N

IntelliVue X2: N


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-20-254-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU46653

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-16212

CWE-ID: N/A

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to the affected product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. An attacker with physical access can escape the restricted environment with limited privileges.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Patient Information Center iX: B.02 - C.03


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-20-254-01

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###