CVSS: 6.5EPSS: 0%CPEs: 26EXPL: 0CVE-2020-16216 – Philips Patient Monitoring Devices Improper Input Validation
https://notcve.org/view.php?id=CVE-2020-16216
11 Sep 2020 — In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly, which can induce a denial-of-service condition through a system restart. Patient Information Center iX (PICiX) Versiones B.02, C.02, C.03, PerformanceBridge Focal Point Versión A.01, Monitores de paciente... • https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 0%CPEs: 26EXPL: 0CVE-2020-16228 – Philips Patient Monitoring Devices Improper Check for Certificate Revocation
https://notcve.org/view.php?id=CVE-2020-16228
11 Sep 2020 — In Patient Information Center iX (PICiX) Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a compromised certificate. Patient Information Center iX (PICiX) Versiones B.02, C.02, C.03, PerformanceBridge Focal Point Versión A.01, Monitores de paciente IntelliVue MX100, MX400-MX... • https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 • CWE-299: Improper Check for Certificate Revocation •
CVSS: 8.3EPSS: 0%CPEs: 36EXPL: 0CVE-2018-10597
https://notcve.org/view.php?id=CVE-2018-10597
05 Jun 2018 — IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to access memory ("write-what-where") from an attacker-chosen device address within the same subnet. IntelliVue Patient Monitors MP Series (incluyendo MP2/X2/MP30/MP50/MP70/NP90... • https://ics-cert.us-cert.gov/advisories/ICSMA-18-156-01 • CWE-287: Improper Authentication CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 36EXPL: 0CVE-2018-10599
https://notcve.org/view.php?id=CVE-2018-10599
05 Jun 2018 — IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to read memory from an attacker-chosen device address within the same subnet. IntelliVue Patient Monitors MP Series (incluyendo MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, In... • https://ics-cert.us-cert.gov/advisories/ICSMA-18-156-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.2EPSS: 0%CPEs: 36EXPL: 0CVE-2018-10601
https://notcve.org/view.php?id=CVE-2018-10601
05 Jun 2018 — IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that exposes an "echo" service, in which an attacker-sent buffer to an attacker-chosen device address within the same subnet is copied to the stack with no boundary checks, hence resulting in stack overflow. IntelliVu... • https://ics-cert.us-cert.gov/advisories/ICSMA-18-156-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •