← Back to home
ICSMA-18-058-02  ·  Published 2018-02-27  ·  View on CISA ICS-CERT ↗

Philips Intellispace Portal ISP Vulnerabilities

CVSS 9.8 CRITICAL CISA KEV — Known Exploited

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to sensitive information, perform man-in-the-middle attacks, create denial of service conditions, or execute arbitrary code.

CVEs (35)

Remediations

  • Philips' evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips' InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com
  • Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.
  • Philips' contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions
  • Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity

Affected Vendors

Phillips

Affected Products (2)

Phillips · IntelliSpace Portal 8.0.x vers:all/*
Phillips · IntelliSpace Portal 7.0.x vers:all/*

Affected Sectors

Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more