Philips reports vulnerability in some ultrasound software: 4 details

Health tech company Philips issued a notification of a low-severity vulnerability for specific versions of its ultrasound software applications on June 24.

Four things to know:

1. The company reported that unauthorized personnel could potentially bypass authentication through an alternate path or channel, or alternate service login, and gain access to the software.

2. The vulnerability is not a device safety issue, and the company doesn't expect it to result in patient harm. There have been no reports of individuals exploiting the vulnerability, Philips said.

3. If an unauthorized individual exploits the vulnerability, ultrasound device features that weren't included with system purchase could be accessed.

4. The vulnerability is associated with the Ultrasound ClearVue version 3.2 and Ultrasound CX versions 5.0.2 and prior, as well as the Ultrasound EPIQ and Affinity versions VM5.0 and prior. The Ultrasound Sparq version 3.0.2 and prior, as well as Ultrasound Xperius, are also affected.

More articles on cybersecurity:
American Medical Technologies data security incident exposes 47,767 individuals' info
CHI St. Luke's hospital email hack exposes patient info: 4 details
Care New England resolves cyberattack after nearly weeklong computer system outage

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Whitepapers

Featured Webinars