FTP Credentials Vulnerability in Philips IntelliVue WLAN Portable Patient Monitors
CVE-2019-13530

7.2HIGH

Key Information:

Vendor: Philips
Status: Philips Intellivue Wlan, Portable Patient Monitors
Vendor: CVE Published:; 12 September 2019

What is CVE-2019-13530?

The Philips IntelliVue WLAN portable patient monitors have a vulnerability that allows an attacker to exploit weak FTP credentials. This issue permits unauthorized access, enabling an attacker to log in and potentially upload malicious firmware. The affected versions include WLAN Version A with Firmware A.03.09 and WLAN Version B with Firmware A.01.09. It is essential for users of these devices to apply recommended security practices to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Philips IntelliVue WLAN, portable patient monitors = WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C)

References

https://www.us-cert.gov/ics/advisories/icsma-19-255-01

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 12, 2019
Vulnerability Reserved
Jul 11, 2019

JSON

Philips

What is CVE-2019-13530?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.