"Philips Working on Patches for Vulnerabilities Found in Medical Products"

Researchers at the industrial cybersecurity firm Nozomi Networks discovered several vulnerabilities in some of Philips' medical products, including the IntelliBridge hub, Patient Information Center iX (PIC iX), and Efficia CM Series. Philips and the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) issued advisories for the vulnerabilities. According to one advisory, two of the flaws were found in IntelliBridge EC 40 and EC 80 Hub patient monitoring systems that integrate point-of-care devices with hospital information systems. These vulnerabilities stem from the use of hardcoded credentials and authentication bypass. If an attacker were to successfully exploit these flaws, they could gain unauthorized access to the Philips IntelliBridge EC40/80 hub and then execute software, modify device configuration, update patient data, and more. This article continues to discuss the potential exploitation and impact of the security vulnerabilities identified in certain patient monitoring and medical device interface products from Philips. 

Security Week reports "Philips Working on Patches for Vulnerabilities Found in Medical Products"