First published: Fri Sep 11 2020(Updated: )
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. The product receives input that is expected to be well-formed (i.e., to comply with a certain syntax) but it does not validate or incorrectly validates that the input complies with the syntax, causing the certificate enrollment service to crash. It does not impact monitoring but prevents new devices from enrolling.
Credit: ics-cert@hq.dhs.gov ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Philips Patient Information Center Ix | =b.02 | |
Philips Patient Information Center Ix | =c.02 | |
Philips Patient Information Center Ix | =c.03 | |
Philips Performancebridge Focal Point | =a.01 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-16220 is medium with a severity value of 4.3.
Versions B.02, C.02, and C.03 of Patient Information Center iX (PICiX) are affected by CVE-2020-16220.
Version A.01 of PerformanceBridge Focal Point is affected by CVE-2020-16220.
Versions N and prior of IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 are affected by CVE-2020-16220.
The Common Weakness Enumeration (CWE) ID for CVE-2020-16220 is CWE-1286.