1. Home
  2. CVE Database
  3. CVE-2020-16216
MEDIUM · 6.5

CVE-2020-16216

In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate ...

Vulnerability Description

In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly, which can induce a denial-of-service condition through a system restart.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
PhilipsPatient Information Center Ixb.02
PhilipsPerformancebridge Focal Pointa.01
PhilipsIntellivue Mp2-Mp90 Firmware-
PhilipsIntellivue Mp2-Mp90n
PhilipsIntellivue Mx100 Firmware-
PhilipsIntellivue Mx100-
PhilipsIntellivue Mx400 Firmware-
PhilipsIntellivue Mx400-
PhilipsIntellivue Mx850 Firmware-
PhilipsIntellivue Mx850-
PhilipsIntellivue X2 Firmware-
PhilipsIntellivue X2n
PhilipsIntellivue X3 Firmware-
PhilipsIntellivue X3n
PhilipsIntellivue Mx800 Firmware-
PhilipsIntellivue Mx800-
PhilipsIntellivue Mx750 Firmware-
PhilipsIntellivue Mx750-
PhilipsIntellivue Mx700 Firmware-
PhilipsIntellivue Mx700-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2020-16216?

CVE-2020-16216 is a vulnerability with a CVSS score of 6.5 (MEDIUM). In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate ...

How severe is CVE-2020-16216?

CVE-2020-16216 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-16216?

Check the references section above for vendor advisories and patch information. Affected products include: Philips Patient Information Center Ix, Philips Performancebridge Focal Point, Philips Intellivue Mp2-Mp90 Firmware, Philips Intellivue Mp2-Mp90, Philips Intellivue Mx100 Firmware.