Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Philips Subscribe
Filtered by product Performancebridge Focal Point
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-16228 1 Philips 24 Intellivue Mp2-mp90, Intellivue Mp2-mp90 Firmware, Intellivue Mx100 and 21 more 2023-12-12 5.2 MEDIUM 6.4 MEDIUM
In Patient Information Center iX (PICiX) Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a compromised certificate.
CVE-2020-16222 1 Philips 2 Patient Information Center Ix, Performancebridge Focal Point 2023-12-12 5.8 MEDIUM 8.8 HIGH
In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and PerformanceBridge Focal Point Version A.01, when an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct.
CVE-2020-16220 1 Philips 2 Patient Information Center Ix, Performancebridge Focal Point 2023-12-12 3.3 LOW 4.3 MEDIUM
In Patient Information Center iX (PICiX) Versions C.02, C.03, PerformanceBridge Focal Point Version A.01, the product receives input that is expected to be well-formed (i.e., to comply with a certain syntax) but it does not validate or incorrectly validates that the input complies with the syntax, causing the certificate enrollment service to crash. It does not impact monitoring but prevents new devices from enrolling.
CVE-2020-16216 1 Philips 24 Intellivue Mp2-mp90, Intellivue Mp2-mp90 Firmware, Intellivue Mx100 and 21 more 2023-12-12 6.1 MEDIUM 6.5 MEDIUM
In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly, which can induce a denial-of-service condition through a system restart.