ICSMA-20-163-01
·
Published 2020-06-11
·
View on CISA ICS-CERT ↗
Philips IntelliBridge Enterprise IBE
CVSS 2.0
LOW
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to access credentials to the hospital 's clinical information systems (EMR).
CVEs (1)
Remediations
- Philips plans a new release (IBE B.13) by the end of Q4 2020 that remediates the security risk by not logging the plain text user credentials in the log file.
- As an interim mitigation to this vulnerability, Philips recommends the following:
- Users with questions regarding their specific Philips IntelliBridge Enterprise installation should contact their local Philips service support team, or regional service support.
- Users can see the Philipsadvisory for more details, and contact the Philips Customer Service Solutions team for additional guidance. Please see the Philips product security website for the latest security information for Philips products.
Affected Vendors
Philips
Affected Products (4)
Philips
·
IntelliBridge Enterprise system integration with IntelliVue Guardian
IGS
Philips
·
IntelliBridge Enterprise system integration with SureSigns
VS4
Philips
·
IntelliBridge Enterprise system integration with EarlyVue
VS30
Philips
·
IntelliBridge Enterprise (IBE)
<= B.12
Affected Sectors
Healthcare and Public Health
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more