CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-16212

In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. The application on the surveillance station operates in kiosk mode, which is vulnerable to local breakouts that could allow an attacker with physical access to escape the restricted environment with limited privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.7%

CVSS Severity

CVSS v3 Score 6.8

CVSS v2 Score 4.6

References

https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01
https://www.philips.com/productsecurity
https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01
https://www.philips.com/productsecurity

Products affected by CVE-2020-16212

Philips » Patient Information Center Ix » Version: b.02

cpe:2.3:a:philips:patient_information_center_ix:b.02
Philips » Patient Information Center Ix » Version: c.02

cpe:2.3:a:philips:patient_information_center_ix:c.02
Philips » Patient Information Center Ix » Version: c.03

cpe:2.3:a:philips:patient_information_center_ix:c.03

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-16212

Products

Pricing

Contact Us