CVE-2020-16228

Published Sep 11, 2020

Last updated a year ago

CVSS medium 6.4

Overview

Description: In Patient Information Center iX (PICiX) Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a compromised certificate.
Source: ics-cert@hq.dhs.gov
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.4
Impact score: 5.5
Exploitability score: 0.9
Vector string: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 5.2
Impact score: 6.4
Exploitability score: 5.1
Vector string: AV:A/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

ics-cert@hq.dhs.gov: CWE-299

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:philips:patient_information_center_ix:b.02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4FA1FEC-5139-48C1-856C-8062436AE6C6"
          },
          {
            "criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3220AB2-AC0D-4AC2-90D8-76C02FC693EB"
          },
          {
            "criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE1FB3E9-E269-434A-B1C2-D54C40F437BE"
          },
          {
            "criteria": "cpe:2.3:a:philips:performancebridge_focal_point:a.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B4CF59B-32DC-4F48-88C5-77B96E937E93"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:philips:intellivue_mp2-mp90_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BDDAC8D-53B7-4B52-8EE2-510E6FE215D8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:philips:intellivue_mp2-mp90:n:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A9B11FBA-4FCF-4B0A-ADA9-6BB59686A8DE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:philips:intellivue_mx100_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D7C4F77-6005-4AAA-83CA-CA9F60043A7A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:philips:intellivue_mx100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0D2A5BBF-C360-4281-AD34-C0941831DA64"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:philips:intellivue_mx400_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58F21718-A0DE-419E-B82D-447ADC337E30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:philips:intellivue_mx400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "27B8D0E2-316A-45E5-8FC1-AE70F07DB7FA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:philips:intellivue_mx850_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77650C8F-73D8-4DBC-8673-40502748C3CE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:philips:intellivue_mx850:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A1F44D95-5744-4475-9312-63E1F422B236"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:philips:intellivue_x2_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E42604C2-7CB6-42AC-9272-CFABFC4DC85A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:philips:intellivue_x2:n:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA10D49B-DBB0-4E4D-B0C9-17F91D22E5AB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:philips:intellivue_x3_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "708EB7F4-9747-4B0C-937D-F1ED07300FAE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:philips:intellivue_x3:n:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "221DDFB6-3F7D-4611-9A87-2D216DF79A2B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:philips:intellivue_mx800_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9C6A5F3-C845-4561-A451-DC3C966E8D8C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:philips:intellivue_mx800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C38B732B-8629-40FE-A333-E69A7F2CFB18"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:philips:intellivue_mx750_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B60F7F6F-995F-4251-9DF8-897F42025B2C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:philips:intellivue_mx750:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F77F9328-BFE3-42C9-A487-6295B05274ED"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:philips:intellivue_mx700_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43C2466F-A371-4386-B098-F724D5CD14CB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:philips:intellivue_mx700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DDF21FA3-9650-442F-8E13-281A9975C47B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:philips:intellivue_mx600_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4394A2A-C9F4-4E56-866E-EB49F6B32C3D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:philips:intellivue_mx600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "186C49C9-BDA8-4083-A3E9-606BBA027CAB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:philips:intellivue_mx550_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D72DF93-DF02-411D-80BE-85286F553B1E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:philips:intellivue_mx550:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8B03E7D9-01DC-492F-BA52-9165E78BE498"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References