Philips' IntelliVue Patient and Avalon Fetal Monitors

Plan PatchCVSS 8.3ICS-CERT ICSMA-18-156-01Jun 5, 2018

PhilipsWater

Attack path

Attack VectorAdjacent

Auth RequiredNone

ComplexityHigh

User InteractionNone needed

Summary

Philips IntelliVue Patient Monitors (MX400-550, MP2/X2/MP30/MP50/MP70/NP90/MX700/800) and Avalon Fetal/Maternal Monitors (FM20/FM30/FM40/FM50) contain authentication bypass and memory access vulnerabilities (CWE-287, CWE-121, CWE-200). These vulnerabilities may allow an attacker on the local network to read or modify monitor memory without valid credentials. Successful exploitation could alter patient vital sign display, change alarm thresholds, or cause device restarts, potentially delaying patient diagnosis and treatment. Affected software revisions: Avalon F.0/G.0/J.3, IntelliVue MX Rev J-M, IntelliVue MP Rev B-M.

What this means

What could happen

An attacker with local network access to these monitors could read or modify their memory, potentially altering patient data display or alarm thresholds, or restart the devices causing loss of monitoring data and diagnostic delays during critical care.

Who's at risk

Hospital and healthcare facility operators responsible for patient monitoring systems. Critical care units, maternal-fetal monitoring areas, and any facility using IntelliVue MX/MP series or Avalon FM series monitors are affected. This includes bedside monitors, central monitoring stations, and integrated patient data displays.

How it could be exploited

An attacker on the same local network segment as an IntelliVue or Avalon monitor could exploit weak authentication mechanisms (CWE-287) to gain direct memory access (CWE-121). This allows reading sensitive patient information or writing malicious commands that change how the monitor displays vital signs or triggers alarms.

Prerequisites

Local network access (same Ethernet segment as the monitors)
No valid credentials required

Remotely exploitable over local networkNo authentication requiredNo patch currently available for affected versionsAffects medical devices used in critical careCVSS score 8.3 indicates high severity

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (3)

3 pending

ProductAffected VersionsFix Status

Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50: with software Revisions F.0 G.0 and J.3F.0.G.0 | J.3No fix yet

IntelliVue Patient Monitors MX (MX400-550): Rev J-M and (X3/MX100 for Rev M only)Rev J-M | (X3/MX100 for Rev M only)No fix yet

IntelliVue Patient Monitors MP Series (includingMP2/X2/MP30/MP50/MP70/NP90/MX700/800): Rev B-MRev B-MNo fix yet

Remediation & Mitigation

0/5

Do now

0/1

WORKAROUNDDeploy network access controls (MAC filtering, port security) to limit which devices can connect to the monitor network segment

Schedule — requires maintenance window

0/3

Patching may require device reboot — plan for process interruption

HOTFIXContact Philips through your InCenter account to obtain and apply available remediation patches for supported software versions

HOTFIXRequest and implement upgrade path to patched versions from Philips for your specific monitor models

HOTFIXMonitor Philips product security website for patch availability and field change bulletins

Long-term hardening

0/1

HARDENINGImplement network segmentation to isolate patient monitors on a dedicated, access-controlled medical device network separate from general IT infrastructure

CVEs (3)

CVE-2018-10597 CVE-2018-10599 CVE-2018-10601

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/6200b98e-069b-4fc9-8508-84ebd81948f0

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.