OTPulse

Philips PageWriter TC10, TC20, TC30, TC50, and TC70 Cardiographs (Update A)

Monitor · CVSS 6.1 · ICS-CERT ICSMA-18-228-01 · Aug 16, 2018
Attack Vector: Physical
Privileges Required: High
Attack Complexity: Low
User Interaction: Required
Summary

Multiple vulnerabilities in Philips PageWriter TC10, TC20, TC30, TC50, and TC70 cardiographs allow buffer overflows and unauthorized modification of device settings. The TC20, TC30, TC50, and TC70 models run Windows CE 5 (WinCE5), an obsolete operating system that Microsoft no longer supports. No patch is available for the TC10 and other older models. Exploitation requires physical access to the device and administrative privileges; the vulnerabilities are not remotely exploitable, and no public exploits are known.

What this means
What could happen
An attacker with physical access to a PageWriter cardiograph could trigger a buffer overflow or modify device settings, potentially altering diagnostic readings or stopping the device from functioning.
Who's at risk
Healthcare facilities operating Philips PageWriter cardiographs (TC10, TC20, TC30, TC50, TC70 models) for patient electrocardiogram (ECG) testing and diagnosis. This affects diagnostic equipment in hospitals, clinics, and cardiology departments.
How it could be exploited
An attacker must be physically present at the device and hold elevated (administrative) privileges. With that access they could trigger a buffer overflow, or reach device settings through an improperly validated input field, and so alter diagnostic parameters or disable the device.
Prerequisites
  • Physical access to the cardiograph device
  • Administrative or high-level user credentials
  • Knowledge of the vulnerable input mechanism
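The advisory describes the defect class (an operator-supplied settings value that is not validated before it reaches a fixed-size buffer) without publishing the device code. The following is an added, hypothetical C illustration, not Philips firmware and not taken from the advisory: a made-up settings record with a 16-byte label field and a numeric paper-speed setting, an unchecked copy of the kind that produces the overflow, and the bounded, allow-listed validation that prevents it. The struct layout, field names, limits and sample inputs are all assumptions constructed for the example.

```c
#include <ctype.h>
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical fixed-size settings record; not the PageWriter's real layout. */
#define LABEL_MAX 16

typedef struct {
    char site_label[LABEL_MAX];  /* free-text label printed on ECG reports */
    int  paper_speed_mm_s;       /* numeric setting; assume only 25 or 50 are valid */
} device_settings;

/* Vulnerable pattern: the length of the operator-supplied value is never checked
 * before it is copied into the fixed buffer. Any input of LABEL_MAX characters or
 * more overwrites whatever follows site_label (here paper_speed_mm_s). */
static void set_label_unchecked(device_settings *s, const char *input)
{
    strcpy(s->site_label, input);
}

/* Hardened: bound the scan, reject values that do not fit or that contain
 * non-printable bytes, and only then commit the value to the record. */
static bool set_label_checked(device_settings *s, const char *input)
{
    size_t n = 0;
    while (n < LABEL_MAX && input[n] != '\0') {
        if (!isprint((unsigned char)input[n]))
            return false;                    /* control bytes are never valid here */
        n++;
    }
    if (n == LABEL_MAX)
        return false;                        /* no room for the terminator: too long */
    memcpy(s->site_label, input, n + 1);     /* copy includes the NUL */
    return true;
}

/* Hardened numeric field: require a complete integer parse, then allow-list the
 * legal values instead of trying to enumerate bad ones. */
static bool set_paper_speed_checked(device_settings *s, const char *input)
{
    char *end = NULL;
    errno = 0;
    long v = strtol(input, &end, 10);
    if (errno != 0 || end == input || *end != '\0')
        return false;                        /* not a complete, well-formed integer */
    if (v != 25 && v != 50)
        return false;                        /* outside the allowed set */
    s->paper_speed_mm_s = (int)v;
    return true;
}

int main(void)
{
    device_settings s = { "", 25 };

    /* Constructed inputs: a legitimate label, one of exactly LABEL_MAX characters,
     * one carrying a control byte, and malformed paper-speed values. */
    const char *ok_label   = "CARDIO-LAB-3";
    const char *long_label = "0123456789ABCDEF";   /* 16 chars: no room for NUL */
    const char *ctl_label  = "LAB\x01";

    set_label_unchecked(&s, ok_label);       /* safe only because this input fits */
    printf("unchecked copy of short input: %s\n", s.site_label);

    printf("long label accepted?    %d\n", set_label_checked(&s, long_label)); /* 0 */
    printf("control label accepted? %d\n", set_label_checked(&s, ctl_label));  /* 0 */
    printf("ok label accepted?      %d (%s)\n", set_label_checked(&s, ok_label), s.site_label);

    printf("speed 25 accepted?  %d\n", set_paper_speed_checked(&s, "25"));  /* 1 */
    printf("speed 30 accepted?  %d\n", set_paper_speed_checked(&s, "30"));  /* 0 */
    printf("speed 50x accepted? %d\n", set_paper_speed_checked(&s, "50x")); /* 0 */
    return 0;
}
```

The point of the checked versions is that validation happens before any write: length is bounded by the destination, not by the input, and the numeric field is compared against the values the device actually supports. On an end-of-life platform where no patch will arrive, this is the kind of check that would have to exist in the firmware; where it does not, the only remaining control is keeping untrusted hands off the input path, which is what the physical-access and credential mitigations below are for.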
Tags: Physical access required · High privileges required · Affects medical diagnostic device · Obsolete operating system (WinCE5) · No patch available for older models · Low exploit probability (0.2% EPSS)
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product                                              | Affected Versions   | Fix Status
PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs | All (before May 2018) | No fix (EOL); see Remediation for per-model options
Remediation & Mitigation
Do now
HARDENING: Implement strict physical security controls; limit physical access to PageWriter devices to authorized medical and technical personnel only.
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: For TC50 and TC70 devices, update to the WinCE7 operating system (available through InCenter) to move off the obsolete WinCE5.
HOTFIX: For TC20 and TC30 devices, plan replacement with the TC50 model or await the Philips OS update scheduled for Q3 2020.
Mitigations - no patch available
No vendor patch is available for the TC10 and other older models, and the TC20 and TC30 remain on WinCE5 until the scheduled Philips OS update ships. For those devices, apply the following compensating controls:
HARDENING: Enforce role-based access control and administrative credential management so that as few staff as possible hold the high-level privileges exploitation requires.