In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. The application on the surveillance station operates in kiosk mode, which is vulnerable to local breakouts that could allow an attacker with physical access to escape the restricted environment with limited privileges.
References
Link | Resource |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01 | Third Party Advisory US Government Resource |
https://www.philips.com/productsecurity |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2020-09-11T13:13:35
Updated: 2023-12-12T18:24:53.053Z
Reserved: 2020-07-31T00:00:00
Link: CVE-2020-16212
JSON object: View
NVD Information
Status : Modified
Published: 2020-09-11T14:15:11.377
Modified: 2023-12-12T19:15:07.597
Link: CVE-2020-16212
JSON object: View
Redhat Information
No data.
CWE