DHS issues advisory on encryption vulnerability in Philips HealthSuite app

Anuja Vaidya (Twitter) - Print  | 

The Department of Homeland Security issued a medical advisory related to the Philips HealthSuite Health Android App, an application that enables users to view and track body measurements, including heart rate and sleep.

The advisory relates to a detected vulnerability that "may allow an attacker with physical access to impact confidentiality and integrity of the product." The vulnerability is that the software uses simple encryption that is not strong enough for the level of protection required.

A security researcher reported this vulnerability to Philips, and the company has also issued a product security advisory stating, "this vulnerability will be addressed by a new software release scheduled for [the first quarter of] 2019."

Additionally, Philips noted it has not received reports of exploitation of this vulnerability or of clinical use incidents associated with the vulnerability.

More articles on health IT:
Colorado hospital to pay $111K HIPAA settlement
HIMSS taps new chief Americas officer: 4 things to know
4 questions to assess whether blockchain 'makes sense' at your hospital

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.