Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm
CVE-2021-43550

5.9MEDIUM

Key Information:

Vendor: Philips
Status: Efficia Cm Series; Patient Information Center Ix (pic Ix)
Vendor: CVE Published:; 27 December 2021

Summary

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.

Affected Version(s)

Efficia CM Series 4.0

Efficia CM Series A.01

Patient Information Center iX (PIC iX) C.02

References

https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 27, 2021
Vulnerability Reserved
Nov 8, 2021

Credit

Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks