← Back to home
ICSMA-19-318-01  ·  Published 2019-12-12  ·  View on CISA ICS-CERT ↗

Philips IntelliBridge EC40/80 (Update A)

CVSS 6.3 MEDIUM

Risk Summary

Successful exploitation of this vulnerability may allow an attacker unauthorized access to the IntelliBridge EC40/80 hub and may allow access to execute software, modify system configuration, or view/update files, including unidentifiable patient data.

CVEs (1)

Remediations

  • Philips plans a new release to remediate this vulnerability by the end of Q3 2020.
  • As an interim mitigation to this vulnerability, Philips recommends the following:
  • Users with questions about their specific EC40/80 product should contact a Philips service support team or regional service support.
  • The Philips advisory is available at the following URL: http://www.philips.com/productsecurity
  • Please see the Philips product security website for the latest security information for Philips products:
  • https://www.philips.com/productsecurity
  • https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm

Affected Vendors

Philips

Affected Products (2)

Philips · IntelliBridge EC80 Hub vers:all/*
Philips · IntelliBridge EC40 Hub vers:all/*

Affected Sectors

Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more