Thursday, March 25, 2021

1 Advisory Published – 3-25-21

Today the CISA NCCIC-ICS published one medical device security advisory for products from Philips.

Philips Advisory

This advisory describes a storage of sensitive data in a mechanism without access control. The vulnerability was reported by Jean GEORGE of CHU UCL Namur. Philips has provided generic mitigation measures for the vulnerability.

NCCIC-ICS reports that a relatively low-skilled attacker with physical access to the device could exploit the vulnerability to allow access to sensitive information (including patient information).

No comments:

/* Use this with templates/template-twocol.html */