{"id": "CVE-2020-16228", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.2, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 5.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.5, "exploitabilityScore": 0.9}]}, "published": "2020-09-11T13:15:11.377", "references": [{"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://www.philips.com/productsecurity", "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-299"}]}], "descriptions": [{"lang": "en", "value": "In Patient Information Center iX (PICiX) Versions C.02 and C.03, \nPerformanceBridge Focal Point Version A.01, IntelliVue patient monitors \nMX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and \nprior, the software does not check or incorrectly checks the revocation \nstatus of a certificate, which may cause it to use a compromised \ncertificate.\n\n\n\n"}, {"lang": "es", "value": "Patient Information Center iX (PICiX) Versiones B.02, C.02, C.03, PerformanceBridge Focal Point Versi\u00f3n A.01, Monitores de paciente IntelliVue MX100, MX400-MX850 y MP2-MP90 Versiones N y anteriores, IntelliVue X3 y X2 Versiones N y anteriores. El software no comprueba o comprueba inapropiadamente el estado de revocaci\u00f3n de un certificado, lo que puede causar que use un certificado comprometido"}], "lastModified": "2023-12-12T21:15:07.970", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:philips:patient_information_center_ix:b.02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4FA1FEC-5139-48C1-856C-8062436AE6C6"}, {"criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3220AB2-AC0D-4AC2-90D8-76C02FC693EB"}, {"criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE1FB3E9-E269-434A-B1C2-D54C40F437BE"}, {"criteria": "cpe:2.3:a:philips:performancebridge_focal_point:a.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B4CF59B-32DC-4F48-88C5-77B96E937E93"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:philips:intellivue_mp2-mp90_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BDDAC8D-53B7-4B52-8EE2-510E6FE215D8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:philips:intellivue_mp2-mp90:n:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A9B11FBA-4FCF-4B0A-ADA9-6BB59686A8DE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:philips:intellivue_mx100_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D7C4F77-6005-4AAA-83CA-CA9F60043A7A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:philips:intellivue_mx100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0D2A5BBF-C360-4281-AD34-C0941831DA64"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:philips:intellivue_mx400_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58F21718-A0DE-419E-B82D-447ADC337E30"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:philips:intellivue_mx400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "27B8D0E2-316A-45E5-8FC1-AE70F07DB7FA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:philips:intellivue_mx850_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77650C8F-73D8-4DBC-8673-40502748C3CE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:philips:intellivue_mx850:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A1F44D95-5744-4475-9312-63E1F422B236"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:philips:intellivue_x2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E42604C2-7CB6-42AC-9272-CFABFC4DC85A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:philips:intellivue_x2:n:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DA10D49B-DBB0-4E4D-B0C9-17F91D22E5AB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:philips:intellivue_x3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "708EB7F4-9747-4B0C-937D-F1ED07300FAE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:philips:intellivue_x3:n:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "221DDFB6-3F7D-4611-9A87-2D216DF79A2B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:philips:intellivue_mx800_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9C6A5F3-C845-4561-A451-DC3C966E8D8C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:philips:intellivue_mx800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C38B732B-8629-40FE-A333-E69A7F2CFB18"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:philips:intellivue_mx750_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B60F7F6F-995F-4251-9DF8-897F42025B2C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:philips:intellivue_mx750:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F77F9328-BFE3-42C9-A487-6295B05274ED"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:philips:intellivue_mx700_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43C2466F-A371-4386-B098-F724D5CD14CB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:philips:intellivue_mx700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DDF21FA3-9650-442F-8E13-281A9975C47B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:philips:intellivue_mx600_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4394A2A-C9F4-4E56-866E-EB49F6B32C3D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:philips:intellivue_mx600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "186C49C9-BDA8-4083-A3E9-606BBA027CAB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:philips:intellivue_mx550_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D72DF93-DF02-411D-80BE-85286F553B1E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:philips:intellivue_mx550:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B03E7D9-01DC-492F-BA52-9165E78BE498"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}
