U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

Vulnerability Change Records for CVE-2020-16218

Change History

CVE Modified by ICS-CERT 12/12/2023 4:15:07 PM

Action Type Old Value New Value
Changed Description 
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is then used as a webpage and served to other users. Successful exploitation could lead to unauthorized access to patient data via a read-only web application.
 
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the 
software does not neutralize or incorrectly neutralizes 
user-controllable input before it is placed in output that is then used 
as a webpage and served to other users. Successful exploitation could 
lead to unauthorized access to patient data via a read-only web 
application.
Added Reference 

								
							
							
								
							
						
								
							
								
ICS-CERT https://www.philips.com/productsecurity [No types assigned]