Two vulnerabilities were discovered in Philips IntelliVue WLAN firmware that impact selected IntelliVue MP monitors. Hackers can exploit the vulnerabilities to install harmful firmware that can affect data flow and result in an inoperable condition at the device and Central Station.
Finite State, Inc security researcher Shawn Loveric notified Philips about the vulnerabilities. Philips proactively gave a security bulletin to help clients using the affected devices to mitigate risk.
An attacker needs a high level of skill and access to a vulnerable gadget’s local area network to be able to exploit the vulnerabilities. Present mitigating control can also restrict the likelihood of an attack. So, Philips doesn’t think either vulnerability could affect clinical devices. Philips doesn’t think any attacker has actively exploited the vulnerabilities.
The first vulnerability, monitored as CVE-2019-13530, involves the usage of a hard-coded password that can permit an attacker to remotely sign in via FTP and upload harmful firmware. The second vulnerability, monitored as CVE-2019-13534, permits the downloading of code or an executable file via a remote position without carrying out verifications to check the source and reliability of the code. The vulnerabilities have been given a CVSS v3 base rating of 6.4 out of 10.
The Philips devices affected by the vulnerabilities are the following:
- IntelliVue MP monitors MP5/5SC (M8105A/5AS)
- WLAN Version A, Firmware A.03.09, Part #: M8096-67501
- IntelliVue MP monitors MP20-MP90 (M8001A/2A/3A/4A/5A/7A/8A/10A)
- WLAN Version A, Firmware A.03.09
- IntelliVue MP monitors MX800/700/600 ((865240/41/42)
- WLAN Version B, Firmware A.01.09, Part #: N/A (Substituted by Version C)
- IntelliVue MP monitors MP2/X2 (M8102A/M3002A)
- WLAN Version B, Firmware A.01.09, Part #: N/A (Substituted by Version C)
WLAN Version B is outdated and won’t be patched. Philips has informed clients utilizing any of the patient monitors impacted by the vulnerabilities to upgrade to the WLAN Module Version C wireless module. The vulnerabilities do not affect WLAN Version C with present firmware of B.00.31. Mitigating controls include using authentication and authorization through WPA2, carrying out a firewall rule on wireless connections, and making sure that physical controls are applied to limit system access.
The vulnerability in WLAN Version A is going to be resolved by using a patch that Philips plans to bring out via Incenter at the end of of 2019.