Today the CISA NCCIC-ICS published one medical device security advisory for products from Philips.
Philips Advisory
This advisory describes a storage of sensitive data in a mechanism without access control. The vulnerability was reported by Jean GEORGE of CHU UCL Namur. Philips has provided generic mitigation measures for the vulnerability.
NCCIC-ICS reports that a relatively low-skilled attacker with
physical access to the device could exploit the vulnerability to allow access
to sensitive information (including patient information).
Posts
No comments:
Post a Comment