← back
CVE-2021-43550

Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm

CVSS 5.9 MEDIUMEPSS 0.2%CWE-327
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.9EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
27 Dec 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Affected products
Philips · Efficia CM SeriesPhilips · Patient Information Center iX (PIC iX)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02