6.4
CVE-2020-16228
- EPSS 0.04%
- Published 11.09.2020 13:15:11
- Last modified 21.11.2024 05:06:58
- Source ics-cert@hq.dhs.gov
- Teams watchlist Login
- Open Login
In Patient Information Center iX (PICiX) Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a compromised certificate.
Data is provided by the National Vulnerability Database (NVD)
Philips ≫ Patient Information Center Ix Versionb.02
Philips ≫ Patient Information Center Ix Versionc.02
Philips ≫ Patient Information Center Ix Versionc.03
Philips ≫ Performancebridge Focal Point Versiona.01
Philips ≫ Intellivue Mp2-mp90 Firmware Version-
Philips ≫ Intellivue Mx100 Firmware Version-
Philips ≫ Intellivue Mx400 Firmware Version-
Philips ≫ Intellivue Mx850 Firmware Version-
Philips ≫ Intellivue X2 Firmware Version-
Philips ≫ Intellivue X3 Firmware Version-
Philips ≫ Intellivue Mx800 Firmware Version-
Philips ≫ Intellivue Mx750 Firmware Version-
Philips ≫ Intellivue Mx700 Firmware Version-
Philips ≫ Intellivue Mx600 Firmware Version-
Philips ≫ Intellivue Mx550 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.069 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 0.9 | 5.5 |
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
|
| nvd@nist.gov | 5.2 | 5.1 | 6.4 |
AV:A/AC:L/Au:S/C:P/I:P/A:P
|
CWE-299 Improper Check for Certificate Revocation
The product does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a certificate that has been compromised.