Skip to main content

Philips Healthcare C-arm X-Ray Router Encryption Vulnerability

Philips Healthcare has released details of an encryption vulnerability present across Veradius Unity, Pulsera, and Endura C-Arm. An unauthorised user could exploit this vulnerability to impact data transfer.

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

Philips Healthcare has released details of an encryption vulnerability present across Veradius Unity, Pulsera, and Endura C-Arm. An unauthorised user could exploit this vulnerability to impact data transfer.


Affected platforms

The following platforms are known to be affected:

Philips Healthcare reports the following Veradius Unity, Pulsera, and Endura Dual WAN Routers are affected:

  • Veradius Unity - Wireless between 2016 - 2018
  • Veradius Unity - ViewForum between 2016 - 2018
  • Pulsera and Endura - Wireless between 2017 - 2018
  • Pulsera and Endura - ViewForum between 2017 - 2018

Threat details

The vulnerability is a result of weak encryption (CVE-2019-18263), potentially subjecting the network to brute force attacks.

For further Information:


Remediation steps

Type Step

Philips has a solution available for users who have the wireless or ViewForum option in their product to update the configuration of the Dual WAN router.
Philips contact information is available at the following link: Philips Customer Service

Please see the Philips product security website for the latest security information for Philips products.



CVE Vulnerabilities

Last edited: 29 June 2021 11:57 am