The Cybersecurity and Infrastructure Security Agency issued a warning March 29 about a security vulnerability in Philips Healthcare's e-Alert magnetic resonance imaging monitoring software.
CISA warned that software versions 2.7 and prior releases of Philips' e-Alert contain a security vulnerability that could potentially allow unauthorized users to remotely shutdown systems.
According to the warning, the software does not perform any authentication for critical system functionality, meaning that in the event of a cybersecurity incident, an unauthorized party, who has access to a healthcare facility's network, would be able to get into the system.
Phillips released its own warning March 29 stating that it has received no reports of exploitation due to this vulnerability and that its software does not pose a risk to patient safety as it is "not a medical device."
Philips plans a new release to remediate the vulnerability before July 2022, according to CISA.