CVE-2020-16220

In Patient Information Center iX (PICiX) Versions C.02, C.03, PerformanceBridge Focal Point Version A.01, the product receives input that is expected to be well-formed (i.e., to comply with a certain syntax) but it does not validate or incorrectly validates that the input complies with the syntax, causing the certificate enrollment service to crash. It does not impact monitoring but prevents new devices from enrolling.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:philips:patient_information_center_ix:b.02:*:*:*:*:*:*:*
cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*
cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*
cpe:2.3:a:philips:performancebridge_focal_point:a.01:*:*:*:*:*:*:*

History

21 Nov 2024, 05:06

Type Values Removed Values Added
References () https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 - Third Party Advisory, US Government Resource () https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 - Third Party Advisory, US Government Resource
References () https://www.philips.com/productsecurity - () https://www.philips.com/productsecurity -

12 Dec 2023, 21:15

Type Values Removed Values Added
References
  • () https://www.philips.com/productsecurity -
Summary Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. The product receives input that is expected to be well-formed (i.e., to comply with a certain syntax) but it does not validate or incorrectly validates that the input complies with the syntax, causing the certificate enrollment service to crash. It does not impact monitoring but prevents new devices from enrolling. In Patient Information Center iX (PICiX) Versions C.02, C.03, PerformanceBridge Focal Point Version A.01, the product receives input that is expected to be well-formed (i.e., to comply with a certain syntax) but it does not validate or incorrectly validates that the input complies with the syntax, causing the certificate enrollment service to crash. It does not impact monitoring but prevents new devices from enrolling.

Information

Published : 2020-09-11 14:15

Updated : 2024-11-21 05:06


NVD link : CVE-2020-16220

Mitre link : CVE-2020-16220

CVE.ORG link : CVE-2020-16220


JSON object : View

Products Affected

philips

  • patient_information_center_ix
  • performancebridge_focal_point
CWE
CWE-1286

Improper Validation of Syntactic Correctness of Input