U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2020-16218

Change History

CVE Modified by ICS-CERT 12/12/2023 4:15:07 PM

Action Type Old Value New Value
Changed Description
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is then used as a webpage and served to other users. Successful exploitation could lead to unauthorized access to patient data via a read-only web application.
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the 
software does not neutralize or incorrectly neutralizes 
user-controllable input before it is placed in output that is then used 
as a webpage and served to other users. Successful exploitation could 
lead to unauthorized access to patient data via a read-only web 
application.



Added Reference

								
							
							
						
ICS-CERT https://www.philips.com/productsecurity [No types assigned]