Philips reports ultrasound security issue

By staff writers

June 26, 2020 -- Philips Healthcare has reported a low-level security issue with its ultrasound scanners that could enable unauthorized personnel to bypass authentication and log in to systems.

In a security alert, the company said that the issue only applies to local access to affected scanners, and it requires a "high skill level" to exploit. If an exploitation does occur, the unauthorized user might be able to enable and access features on the ultrasound scanner that were not included with the purchase of the system.

The company noted that it believes that the vulnerability is not a device safety issue, and it does not believe the security problem is a safety hazard to patients. Philips noted that it hasn't received any reports of the vulnerability being exploited in clinical use.

The company said the vulnerability applies to Ultrasound ClearVue versions 3.2 and prior, Ultrasound CX versions 5.0.2 and prior, Ultrasound Epiq and Affiniti versions VM5.0 and prior, Ultrasound Sparq version 3.0.2 and prior, and Ultrasound Xperius.

Philips said it has released or is planning to release new software updates for the scanners that address the vulnerabilities.

Copyright © 2020

To read this and get access to all of the exclusive content on create a free account or sign-in now.

Member Sign In:
MemberID or Email Address:  
Do you have a password?
No, I want a free membership.
Yes, I have a password:  
Forgot your password?
Sign in using your social networking account:
Sign in using your social networking