Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-43550


The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.


Published

2021-12-27T19:15:08.500

Last Modified

2024-11-21T06:29:24.837

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.9 (MEDIUM)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:P/I:N/A:N

  • Access Vector: ADJACENT_NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

6.5

Impact Score

2.9

Weaknesses
  • Type: Secondary
    CWE-327
  • Type: Primary
    CWE-327

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application philips patient_information_center_ix c.02 Yes
Application philips patient_information_center_ix c.03 Yes
Operating System philips efficia_cm_firmware ≤ c.0x Yes
Operating System philips efficia_cm_firmware 4.0 Yes
Hardware philips efficia_cm - No

References