MEDIUM🇬🇧 English

CVE-2020-16212

CVSS 6.8v3.1pub. 2020-09-11upd. 2024-11-21

In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. The application on the surveillance station operates in kiosk mode, which is vulnerable to local breakouts that could allow an attacker with physical access to escape the restricted environment with limited privileges.

oryginał EN
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Philips Patient Information Center Ix

    APP
    Philips
    b.02c.02c.03
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-16222HIGH8.8ten sam produkt

In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and PerformanceBridge Focal Point Version ...

CVE-2021-43552MEDIUM6.1ten sam produkt

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recove...

CVE-2021-43548MEDIUM6.5ten sam produkt

Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does not validate or...

CVE-2021-43550MEDIUM5.9ten sam produkt

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of...

CVE-2020-16228MEDIUM6.4ten sam produkt

In Patient Information Center iX (PICiX) Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, ...

CVE-2020-16212 — MEDIUM 6.8 | CVEbaza.pl