Philips to update radiation application after discovering security vulnerability

Philips issued a notification disclosing security vulnerabilities in its Philips DoseWise Portal application Aug. 17.

Philips DoseWise Portal is a radiation dose management application that helps providers collect and analyze radiation dose metrics across X-ray imaging devices. The company learned of security vulnerabilities in the product's hard-coded database credentials after a customer submitted a compliant.

"Successful exploitation may allow a remote attacker to gain access to the database of the DoseWise Portal application which contains patient health information," the notification reads. "Potential impact could include compromise of patient confidentiality, system integrity and/or system availability."

The notification emphasized Philips has not received any reports related to individuals exploiting these vulnerabilities. For a cyberattacker to take advantage of these vulnerabilities, he or should would have to have established privileges to access the web application's back-end system files, according to Philips.

Philips officials said the company has notified its customers of the security vulnerabilities and will coordinate with them to schedule updates. The company plans to release an updated product version and supporting product documentation this month.

Until that update is released, Philips officials recommended customers take precautions like implementing best practices for network security.

Click here to view the full notification.

More articles on health IT:
NIH provides up to $14.8M for pediatric data resource center
Allscripts, Elligo Health Research partner to streamline clinical trials
Can AI improve cancer care in remote areas? 3 questions with Dr. Andrew Norden of IBM Watson Health

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Content

Featured Webinars

Featured Whitepapers