CVE-2020-16216

In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly, which can induce a denial-of-service condition through a system restart.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:philips:patient_information_center_ix:b.02:*:*:*:*:*:*:*
cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*
cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*
cpe:2.3:a:philips:performancebridge_focal_point:a.01:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:philips:intellivue_mp2-mp90_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:philips:intellivue_mp2-mp90:n:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:philips:intellivue_mx100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:philips:intellivue_mx100:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:philips:intellivue_mx400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:philips:intellivue_mx400:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:philips:intellivue_mx850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:philips:intellivue_mx850:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:philips:intellivue_x2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:philips:intellivue_x2:n:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:philips:intellivue_x3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:philips:intellivue_x3:n:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:philips:intellivue_mx800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:philips:intellivue_mx800:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:philips:intellivue_mx750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:philips:intellivue_mx750:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:philips:intellivue_mx700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:philips:intellivue_mx700:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:philips:intellivue_mx600_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:philips:intellivue_mx600:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:philips:intellivue_mx550_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:philips:intellivue_mx550:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:06

Type Values Removed Values Added
References () https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 - Third Party Advisory, US Government Resource () https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 - Third Party Advisory, US Government Resource
References () https://www.philips.com/productsecurity - () https://www.philips.com/productsecurity -

12 Dec 2023, 21:15

Type Values Removed Values Added
References
  • () https://www.philips.com/productsecurity -
Summary Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. The product receives input or data but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly, which can induce a denial-of-service condition through a system restart. In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly, which can induce a denial-of-service condition through a system restart.

Information

Published : 2020-09-11 14:15

Updated : 2024-11-21 05:06


NVD link : CVE-2020-16216

Mitre link : CVE-2020-16216

CVE.ORG link : CVE-2020-16216


JSON object : View

Products Affected

philips

  • intellivue_x2_firmware
  • intellivue_mx600
  • intellivue_mx100_firmware
  • intellivue_mx550
  • patient_information_center_ix
  • intellivue_mp2-mp90
  • intellivue_mx700_firmware
  • intellivue_mx850
  • intellivue_mx750
  • performancebridge_focal_point
  • intellivue_mx850_firmware
  • intellivue_mx100
  • intellivue_mx700
  • intellivue_mx400
  • intellivue_mp2-mp90_firmware
  • intellivue_mx800_firmware
  • intellivue_x3
  • intellivue_mx400_firmware
  • intellivue_mx550_firmware
  • intellivue_x3_firmware
  • intellivue_x2
  • intellivue_mx800
  • intellivue_mx600_firmware
  • intellivue_mx750_firmware
CWE
CWE-20

Improper Input Validation