Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistIcscertCVELIST:CVE-2020-16212
HistorySep 11, 2020 - 1:13 p.m.

CVE-2020-16212 Philips Patient Monitoring Devices Exposure of Resource to Wrong Sphere

2020-09-1113:13:35
CWE-668
icscert
www.cve.org

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.1%

JSON

In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. The application on the surveillance station operates in kiosk mode, which is vulnerable to local breakouts that could allow an attacker with physical access to escape the restricted environment with limited privileges.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Patient Information Center iX (PICiX)",
    "vendor": "Philips",
    "versions": [
      {
        "status": "affected",
        "version": "B.02"
      },
      {
        "status": "affected",
        "version": "C.02"
      },
      {
        "status": "affected",
        "version": "C.03"
      }
    ]
  }
]

Related

cve 1
prion 1
nvd 1
ics 1
cve
cve
CVE-2020-16212
2020-09-11 14:15:11
prion
prion
Code injection
2020-09-11 14:15:00
nvd
nvd
CVE-2020-16212
2020-09-11 14:15:11
ics
ics
Philips Patient Monitoring Devices (Update C)
2023-12-14 12:00:00

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.1%

JSON
Related for CVELIST:CVE-2020-16212
cve1prion1nvd1ics1