{ "id": "CVE-2020-16228", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2020-09-11T13:15:11.377", "lastModified": "2024-11-21T05:06:58.877", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Patient Information Center iX (PICiX) Versions C.02 and C.03, \nPerformanceBridge Focal Point Version A.01, IntelliVue patient monitors \nMX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and \nprior, the software does not check or incorrectly checks the revocation \nstatus of a certificate, which may cause it to use a compromised \ncertificate.\n\n\n\n" }, { "lang": "es", "value": "Patient Information Center iX (PICiX) Versiones B.02, C.02, C.03, PerformanceBridge Focal Point Versi\u00f3n A.01, Monitores de paciente IntelliVue MX100, MX400-MX850 y MP2-MP90 Versiones N y anteriores, IntelliVue X3 y X2 Versiones N y anteriores. El software no comprueba o comprueba inapropiadamente el estado de revocaci\u00f3n de un certificado, lo que puede causar que use un certificado comprometido" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", "baseScore": 6.4, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "LOW" }, "exploitabilityScore": 0.9, "impactScore": 5.5 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "baseScore": 5.2, "accessVector": "ADJACENT_NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 5.1, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "ics-cert@hq.dhs.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-299" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:philips:patient_information_center_ix:b.02:*:*:*:*:*:*:*", "matchCriteriaId": "C4FA1FEC-5139-48C1-856C-8062436AE6C6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*", "matchCriteriaId": "F3220AB2-AC0D-4AC2-90D8-76C02FC693EB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*", "matchCriteriaId": "AE1FB3E9-E269-434A-B1C2-D54C40F437BE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philips:performancebridge_focal_point:a.01:*:*:*:*:*:*:*", "matchCriteriaId": "3B4CF59B-32DC-4F48-88C5-77B96E937E93" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:philips:intellivue_mp2-mp90_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4BDDAC8D-53B7-4B52-8EE2-510E6FE215D8" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:philips:intellivue_mp2-mp90:n:*:*:*:*:*:*:*", "matchCriteriaId": "A9B11FBA-4FCF-4B0A-ADA9-6BB59686A8DE" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:philips:intellivue_mx100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D7C4F77-6005-4AAA-83CA-CA9F60043A7A" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:philips:intellivue_mx100:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D2A5BBF-C360-4281-AD34-C0941831DA64" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:philips:intellivue_mx400_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "58F21718-A0DE-419E-B82D-447ADC337E30" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:philips:intellivue_mx400:-:*:*:*:*:*:*:*", "matchCriteriaId": "27B8D0E2-316A-45E5-8FC1-AE70F07DB7FA" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:philips:intellivue_mx850_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "77650C8F-73D8-4DBC-8673-40502748C3CE" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:philips:intellivue_mx850:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1F44D95-5744-4475-9312-63E1F422B236" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:philips:intellivue_x2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E42604C2-7CB6-42AC-9272-CFABFC4DC85A" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:philips:intellivue_x2:n:*:*:*:*:*:*:*", "matchCriteriaId": "DA10D49B-DBB0-4E4D-B0C9-17F91D22E5AB" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:philips:intellivue_x3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "708EB7F4-9747-4B0C-937D-F1ED07300FAE" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:philips:intellivue_x3:n:*:*:*:*:*:*:*", "matchCriteriaId": "221DDFB6-3F7D-4611-9A87-2D216DF79A2B" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:philips:intellivue_mx800_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9C6A5F3-C845-4561-A451-DC3C966E8D8C" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:philips:intellivue_mx800:-:*:*:*:*:*:*:*", "matchCriteriaId": "C38B732B-8629-40FE-A333-E69A7F2CFB18" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:philips:intellivue_mx750_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B60F7F6F-995F-4251-9DF8-897F42025B2C" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:philips:intellivue_mx750:-:*:*:*:*:*:*:*", "matchCriteriaId": "F77F9328-BFE3-42C9-A487-6295B05274ED" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:philips:intellivue_mx700_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "43C2466F-A371-4386-B098-F724D5CD14CB" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:philips:intellivue_mx700:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDF21FA3-9650-442F-8E13-281A9975C47B" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:philips:intellivue_mx600_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B4394A2A-C9F4-4E56-866E-EB49F6B32C3D" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:philips:intellivue_mx600:-:*:*:*:*:*:*:*", "matchCriteriaId": "186C49C9-BDA8-4083-A3E9-606BBA027CAB" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:philips:intellivue_mx550_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6D72DF93-DF02-411D-80BE-85286F553B1E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:philips:intellivue_mx550:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B03E7D9-01DC-492F-BA52-9165E78BE498" } ] } ] } ], "references": [ { "url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01", "source": "ics-cert@hq.dhs.gov", "tags": [ "Third Party Advisory", "US Government Resource" ] }, { "url": "https://www.philips.com/productsecurity", "source": "ics-cert@hq.dhs.gov" }, { "url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ] }, { "url": "https://www.philips.com/productsecurity", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }