Remote Code Execution Vulnerability in Philips IntelliVue WLAN Portable Patient Monitors
CVE-2019-13534

7.2HIGH

Key Information:

Vendor: Philips
Status: Philips Intellivue Wlan, Portable Patient Monitors
Vendor: CVE Published:; 12 September 2019

What is CVE-2019-13534?

Philips IntelliVue WLAN portable patient monitors are subject to a remote code execution vulnerability where the devices download source code or executables from an unverified remote location. This flaw allows attackers to execute arbitrary code on the devices, potentially compromising patient data and system integrity. The affected versions include WLAN Version A (Firmware A.03.09) and WLAN Version B (Firmware A.01.09). Protection measures should prioritize verification of code origin and integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Philips IntelliVue WLAN, portable patient monitors = WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C)

References

https://www.us-cert.gov/ics/advisories/icsma-19-255-01

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 12, 2019
Vulnerability Reserved
Jul 11, 2019

JSON

Philips

What is CVE-2019-13534?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.