CVE-2021-43550

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.

CVE-2020-16216

In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750,MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior,the product receives input or data but does not validate or incorrectlyvalidates that the input has the properties required to process the datasafely and correc...

CVE-2021-43552

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03.

CVE-2020-16212

In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. The application on the surveillance station operates in kiosk mode, which is vulnerable to local bre...

CVE-2020-16228

In Patient Information Center iX (PICiX) Versions C.02 and C.03,PerformanceBridge Focal Point Version A.01, IntelliVue patient monitorsMX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N andprior, the software does not check or incorrectly checks the revocationstatus of a certificate, wh...

CVE-2021-43548

Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly.

CVE-2020-16224

In Patient Information Center iX (PICiX) Versions C.02, C.03, thesoftware parses a formatted message or structure but does not handle orincorrectly handles a length field that is inconsistent with the actuallength of the associated data, causing the application on thesurveillance station to restart...