ICSMA-17-229-01: Philips' DoseWise Portal Vulnerabilities
Act Now | CVSS 9.1 | ICS-CERT ICSMA-17-229-01 | Aug 17, 2017
Attack Vector: Network
Auth Required: High
Complexity: Low
User Interaction: None needed
Summary
Philips DoseWise Portal versions 1.1.7.333 and 2.1.1.3069 contain hardcoded credentials (CWE-798) and insecure storage of sensitive information (CWE-312). The portal stores patient radiation dose data and is used for regulatory compliance tracking. An attacker with administrative access could access, modify, or delete dose records, compromising patient safety documentation and clinical workflows.
What this means
What could happen
An attacker with administrative credentials could gain unauthorized access to the DoseWise Portal and view, modify, or delete sensitive patient radiation dose data, disrupting clinical workflows and compromising patient safety records.
Who's at risk
Healthcare organizations operating Philips DoseWise Portal, including radiology departments, imaging centers, and hospital IT/clinical engineering staff responsible for radiation dose tracking and regulatory compliance (FDA Title 21 CFR Part 1020 for dose tracking).
How it could be exploited
An attacker with valid administrative credentials could authenticate to the DoseWise Portal remotely and exploit hardcoded credentials or insecure data storage to access the underlying database or configuration. This could allow exfiltration or tampering with patient dose records that feed into clinical decision-making.
Prerequisites
- Valid administrative credentials for the DoseWise Portal
- Network access to the DoseWise Portal web interface (typically port 443/HTTPS)
- Knowledge of hardcoded credential locations or database access methods
- no patch available
- high CVSS score (9.1)
- affects patient safety data
- requires valid credentials but uses weak/hardcoded authentication
- critical severity
Exploitability
Low exploit probability (EPSS 1.0%)
Affected products (1)
Product | Affected Versions | Fix Status
DoseWise Portal | 1.1.7.333, 2.1.1.3069 | No fix (EOL)
Remediation & Mitigation
Do now
- HARDENING: Restrict administrative access to the DoseWise Portal to a small group of trusted personnel and enforce strong password policies on all administrative accounts
- HARDENING: Enable audit logging and monitoring on the DoseWise Portal to detect unauthorized access attempts or data modifications
- WORKAROUND: Contact Philips to determine if patches or workarounds are available for your specific DoseWise Portal version
Mitigations - no patch available
DoseWise Portal has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
- HARDENING: Implement network segmentation to limit which systems and users can reach the DoseWise Portal; consider placing it on a separate VLAN accessible only from clinical workstations
CVEs (2)
API:
/api/v1/advisories/0f144be7-394e-499b-bbe3-de19f69f3b5c