Philips Healthcare C-arm X-Ray Router Encryption Vulnerability

Philips Healthcare has released details of an encryption vulnerability present across Veradius Unity, Pulsera, and Endura C-Arm. An unauthorised user could exploit this vulnerability to impact data transfer.

Threat ID:: CC-3325
Category:
Threat Severity:: Low
Threat Vector:
Published:: 20 December 2019 12:00 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Affected platforms

The following platforms are known to be affected:

Philips Healthcare reports the following Veradius Unity, Pulsera, and Endura Dual WAN Routers are affected:

Veradius Unity - Wireless between 2016 - 2018
Veradius Unity - ViewForum between 2016 - 2018
Pulsera and Endura - Wireless between 2017 - 2018
Pulsera and Endura - ViewForum between 2017 - 2018

Threat details

The vulnerability is a result of weak encryption (CVE-2019-18263), potentially subjecting the network to brute force attacks.

For further Information:

Remediation steps

Type	Step
	Philips has a solution available for users who have the wireless or ViewForum option in their product to update the configuration of the Dual WAN router. Philips contact information is available at the following link: Philips Customer Service Please see the Philips product security website for the latest security information for Philips products.

Type

Step

Philips has a solution available for users who have the wireless or ViewForum option in their product to update the configuration of the Dual WAN router.
Philips contact information is available at the following link: Philips Customer Service

Please see the Philips product security website for the latest security information for Philips products.

CVE Vulnerabilities

Status

CVE-2019-18263

Last edited: 29 June 2021 11:57 am