CVE-2020-16228

Philips Patient Monitoring Devices Improper Check for Certificate Revocation

EPSS 0.4%CWE-299

In Patient Information Center iX (PICiX) Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a compromised certificate.

Produtos afetados

Philips · IntelliVue patient monitors Philips · IntelliVue X3 Philips · Patient Information Center iX (PICiX)Philips · PerformanceBridge Focal Point

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 https://www.philips.com/productsecurity