If the vulnerability was exploited successfully, a hacker could access the system resources, including to execute software or to view files, directories or system configuration. If clinicians have installed document export functions on the management systems, hackers could also gain access to patients’ protected health information because of the vulnerability.
The flaw within the IntelliSpace Perinatal application can be exploited remotely.
Philips has been notified of the vulnerability and has made updates. The company recommends users operate all deployed and supported Philips IntelliSpace Perinatal products within Philips authorized specifications.
Because the management system runs with Windows software, Philips says users should always lock Windows when not actively using the device. Additionally, users should configure local and network firewalls to prevent unauthorized access.
Philips is assessing options for remediation in the next minor product update.
More articles on cybersecurity:
DeepThink Health, VScript left thousands of patients’ info exposed online
Hackers try to divert payments to telemedicine company into fraudulent bank accounts
Texas lab alerts 16,000 patients of data breach
