CVSS: 6.5EPSS: 0%CPEs: 26EXPL: 0CVE-2020-16216 – Philips Patient Monitoring Devices Improper Input Validation
https://notcve.org/view.php?id=CVE-2020-16216
11 Sep 2020 — In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly, which can induce a denial-of-service condition through a system restart. Patient Information Center iX (PICiX) Versiones B.02, C.02, C.03, PerformanceBridge Focal Point Versión A.01, Monitores de paciente... • https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 0%CPEs: 26EXPL: 0CVE-2020-16228 – Philips Patient Monitoring Devices Improper Check for Certificate Revocation
https://notcve.org/view.php?id=CVE-2020-16228
11 Sep 2020 — In Patient Information Center iX (PICiX) Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a compromised certificate. Patient Information Center iX (PICiX) Versiones B.02, C.02, C.03, PerformanceBridge Focal Point Versión A.01, Monitores de paciente IntelliVue MX100, MX400-MX... • https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 • CWE-299: Improper Check for Certificate Revocation •
CVSS: 7.2EPSS: 0%CPEs: 19EXPL: 0CVE-2019-13530
https://notcve.org/view.php?id=CVE-2019-13530
12 Sep 2019 — Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). An attacker can use these credentials to login via ftp and upload a malicious firmware. Philips IntelliVue WLAN, monitores portátiles de pacientes, WLAN Versión A, Firmware A.03.09, WLAN Versión A, Firmware A.03.09, Número de ... • https://www.us-cert.gov/ics/advisories/icsma-19-255-01 • CWE-259: Use of Hard-coded Password CWE-798: Use of Hard-coded Credentials •
CVSS: 7.2EPSS: 0%CPEs: 19EXPL: 0CVE-2019-13534
https://notcve.org/view.php?id=CVE-2019-13534
12 Sep 2019 — Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code. Philips IntelliVue WLAN, monitores portátiles de pacientes, W... • https://www.us-cert.gov/ics/advisories/icsma-19-255-01 • CWE-494: Download of Code Without Integrity Check •