C.03

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

philips

NVD

Published: 2021-12-27

Updated: 2024-11-21

Summary

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03.

Vulnerable Configurations

Part	Description	Count
Application	Philips Philips Patient Information Center IX B.02 Philips Patient Information Center IX C.02 Philips Patient Information Center IX C.03	3

References

https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02
https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02