ICSMA-20-177-01
·
Published 2020-06-25
·
View on CISA ICS-CERT ↗
Philips Ultrasound Systems
CVSS 3.6
LOW
Risk Summary
Successful exploitation of this vulnerability may allow a non-authenticated attacker to view or modify information.
CVEs (1)
Remediations
- Philips released Ultrasound EPIQ/Affiniti Version VM6.0 in April 2020 and recommends users with the Ultrasound EPIQ/Affiniti systems to contact their local Philips service support team, or regional service support for installation information.
- Philips is currently planning the following new releases:
- As an interim mitigation to this vulnerability, Philips recommends customers ensure service providers can guarantee installed device integrity during all service and repair operations.
- Users with questions regarding their specific Ultrasound installation should contact the Philips service support team or regional service support.
- Users can contact Philipscustomer service, and find more details in the Philipsadvisory (external link). Please see the Philips product security website for the latest security information for Philips products.
Affected Vendors
Philips
Affected Products (5)
Philips
·
Ultrasound ClearVue
<= 3.2
Philips
·
Ultrasound Xperius
vers:all/*
Philips
·
Ultrasound CX
<= 5.0.2
Philips
·
Ultrasound EPIQ/Affiniti
<= VM5.0
Philips
·
Ultrasound Sparq
<= 3.0.2
Affected Sectors
Healthcare and Public Health
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more