Vulnerability CVE-2020-16222
Published: 2020-09-11

Description:
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. When an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct.

Type:

CWE-287

 (Improper Authentication)

CVSS2 => (AV:A/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.8/10
6.4/10
6.5/10
Exploit range
Attack complexity
Authentication
Adjacent network
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Philips -> Patient information center ix 
Philips -> Performancebridge focal point 

 References:
https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01
Copyright 2024, cxsecurity.com

 

Back to Top