Vulnerabilities > Philips > Patient Information Center IX

DATE CVE VULNERABILITY TITLE RISK
2021-12-27 CVE-2021-43548 Unspecified vulnerability in Philips Patient Information Center IX C.02/C.03
Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly.
low complexity
philips
6.5
2021-12-27 CVE-2021-43550 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Philips Efficia CM Firmware and Patient Information Center IX
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
low complexity
philips CWE-327
6.5
2021-12-27 CVE-2021-43552 Unspecified vulnerability in Philips Patient Information Center IX B.02/C.02/C.03
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03.
local
low complexity
philips
5.5
2020-09-11 CVE-2020-16224 Unspecified vulnerability in Philips Patient Information Center IX C.02/C.03
In Patient Information Center iX (PICiX) Versions C.02, C.03, the software parses a formatted message or structure but does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data, causing the application on the surveillance station to restart.
low complexity
philips
6.5
2020-09-11 CVE-2020-16220 Unspecified vulnerability in Philips products
In Patient Information Center iX (PICiX) Versions C.02, C.03, PerformanceBridge Focal Point Version A.01, the product receives input that is expected to be well-formed (i.e., to comply with a certain syntax) but it does not validate or incorrectly validates that the input complies with the syntax, causing the certificate enrollment service to crash.
low complexity
philips
4.3
2020-09-11 CVE-2020-16216 Unspecified vulnerability in Philips products
In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly, which can induce a denial-of-service condition through a system restart.
low complexity
philips
6.5
2020-09-11 CVE-2020-16212 Exposure of Resource to Wrong Sphere vulnerability in Philips Patient Information Center IX B.02/C.02/C.03
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
low complexity
philips CWE-668
6.8
2020-09-11 CVE-2020-16228 Unspecified vulnerability in Philips products
In Patient Information Center iX (PICiX) Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a compromised certificate.
low complexity
philips
6.4
2020-09-11 CVE-2020-16222 Unspecified vulnerability in Philips products
In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and PerformanceBridge Focal Point Version A.01, when an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct.
low complexity
philips
8.8
2020-09-11 CVE-2020-16218 Unspecified vulnerability in Philips Patient Information Center IX B.02/C.02/C.03
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is then used as a webpage and served to other users.
low complexity
philips
3.5