196 matches found
Sourcecodester Hospital Patient Records Management System SQL注入漏洞(CNVD-2022-48748)
Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. Management System contains a SQL injection vulnerability that originates in...
Patient Records Management System SQL注入漏洞
Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. Management System contains a SQL injection vulnerability that originates in...
Connected Healthcare: A Cybersecurity Battlefield We Must Win
Connected Healthcare: A Cybersecurity Battlefield We Must Win By Trellix · June 6, 2022 This blog was written by Charles McFarland We are commonly taught to prioritize the most critical, severe, or impactful tasks when trying to conquer a list of intimidating problems. Yet, how is this possible...
Hospitals taken offline after cyberattack
The GHT Coeur Grand Est has become a victim of a cyberattack on the hospital centers of Vitry-le-François and Saint-Dizier. The hospital’s administration has warned French that data have been exfiltrated and might be used for phishing in the future. As a consequence, the GHT Cœur Grand Est has cu...
CVE-2022-1067
The CVE-2022-1067 issue affects LifePoint Informatics Patient Portal (Product: LifePoint Informatics Patient Portal; Affected Version: LPI 3.5.12.P30). It is an Authentication Bypass using an alternate path or channel (CWE-288) where navigating to a URL with a patient ID causes the server to gene...
Design/Logic Flaw
Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of patients without having the intended level of privilege. Despite OpenEyes returning a Forbidden error message, the contents of a patient's profile are still returned in the server response. This respons...
CVE-2021-40375
CVE-2021-40375 affects OpenEyes 3.5.1 (Apperta Foundation). The vulnerability allows remote attackers to view sensitive patient information (PII, medication history) because the server responded with sensitive data in responses despite returning a Forbidden message. Underlying cause and mitigatio...
Apperta Foundation OpenEyes 信息泄露漏洞
Apperta Foundation OpenEyes is an open source electronic medical record ERP from the Apperta Foundation. A security vulnerability exists in Apperta Foundation OpenEyes 3.5.1 that allows remote attackers to view sensitive patient information without the expected privilege level...
Unpatched Security Bugs in Medical Wearables Allow Patient Tracking, Data Theft
Telehealth care is on the rise as medical service providers cope with the strain of a pandemic and rising costs. But the rush to roll out remote healthcare has also unleashed a universe of wearable medical devices to collect sensitive data, which researchers say are widely vulnerable to attack...
Philips Patient Information Center iX 输入验证错误漏洞
Philips Patient Information Center iX Philips Patient Information Center PIC iX, a Philips company in Europe, is at the heart of our patient monitoring system, which facilitates understanding of the patient's condition and helps caregivers to identify potential deterioration at an early stage, as...
Philips IntelliBridge EC80 Hub 安全漏洞
Philips IntelliBridge Enterprise IBE is a solution from Philips Europe that provides a single point of contact between EHR Electronic Health Record and Philips clinical solutions. A security vulnerability exists in the Philips IntelliBridge EC 40 and EC 80 Hubs, which stems from the fact that...
Philips Patient Information Center iX 安全漏洞
Philips Patient Information Center iX Philips Patient Information Center PIC iX, a Philips company in Europe, is at the heart of our patient monitoring system, which facilitates understanding of the patient's condition and helps caregivers to identify potential deterioration at an early stage, as...
Philips Patient Information Center iX 加密问题漏洞
Philips Patient Information Center iX Philips Patient Information Center PIC iX, a Philips company in Europe, is at the heart of our patient monitoring system, which facilitates understanding of the patient's condition and helps caregivers to identify potential deterioration at an early stage,...
Philips IntelliBridge EC80 Hub 信任管理问题漏洞
Philips IntelliBridge Enterprise IBE is a solution from Philips Europe that provides a single point of contact between EHR Electronic Health Record and Philips clinical solutions. The Philips IntelliBridge EC 40 and EC 80 Hubs have trust management issue vulnerabilities that stem from Successful...
Philips IntelliBridge EC 40 and EC 80 Hub
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Low attack complexity Vendor: Philips Equipment: IntelliBridge EC 40 and EC 80 Hub Vulnerabilities: Use of Hard-coded Credentials, Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of these...
Critical Flaws in Philips TASY EMR Could Expose Patient Data
The U.S. Cybersecurity and Infrastructure Security Agency CISA is warning of critical vulnerabilities affecting Philips Tasy electronic medical records EMR system that could be exploited by remote threat actors to extract sensitive personal data from patient databases. "Successful exploitation of...
B. Braun SpaceCom2 input validation error vulnerability
B. Braun SpaceCom2, a hardware device from B. Braun, is used to connect to an external device to record data in a patient data management system, PC, or USB memory stick. A remote, unauthenticated attacker could use this vulnerability to gain user-level command-line access by passing a raw extern...
B. Braun SpaceCom2 访问控制错误漏洞
B. Braun SpaceCom2, a hardware device from B. Braun, is used to connect to external devices to record data in a patient data management system, PC or USB stick.An access control error vulnerability exists in previous versions of B. Braun SpaceCom2 012U000062, which stems from a lack of...
B.Braun SpaceCom2 数据伪造问题漏洞
The B. Braun SpaceCom2 is a hardware device from B. Braun Germany designed to connect to external devices to record data in a patient data management system, PC, or USB memory stick. A security vulnerability exists in versions prior to B. Braun SpaceCom2 012U000062, which arises from insufficient...
OpenEMR Access Control Error Vulnerability
OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. An access control error vulnerability exists in OpenEMR version 5.0.2.1, which ste...