OTPulse

Philips iSite and IntelliSpace PACS

Monitor | 6.3 | ICS-CERT ICSMA-18-312-01 | Nov 8, 2018
Attack Vector: Adjacent
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

A vulnerability in Philips iSite and IntelliSpace PACS systems may allow an attacker with local network access to compromise the confidentiality, integrity, and availability of system components. All versions of both products are affected.

What this means
What could happen
An attacker on the local network could read, modify, or disrupt access to patient medical imaging data stored in or processed by these PACS systems, potentially affecting diagnostic and treatment workflows.
Who's at risk
Hospital imaging departments, radiology centers, and any healthcare facility using Philips iSite or IntelliSpace PACS systems for medical image storage and retrieval. All installations of both products are affected with no vendor fix available.
How it could be exploited
An attacker with access to the local network segment where the PACS system is deployed could exploit this vulnerability to gain unauthorized access to the system and compromise data or availability. The vulnerability requires local network presence but no authentication or user interaction.
Prerequisites
  • Local network access to the PACS system
  • No authentication credentials required
  • System must be deployed on the vulnerable version (all versions affected)
  • no patch available
  • affects health/safety systems (patient data and imaging)
  • requires local network access only
  • low exploitation complexity
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (2)
2 EOL
Product                           | Affected Versions | Fix Status
iSite PACS: all versions          | All versions      | No fix (EOL)
IntelliSpace PACS: all versions   | All versions      | No fix (EOL)
Remediation & Mitigation
Do now
HARDENING: Segment the PACS network from general hospital network and untrusted segments using firewalls or network isolation
HARDENING: Restrict local network access to PACS systems to authorized radiology and IT personnel only; implement network access controls (ACLs) at switch and firewall levels
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HARDENING: Implement network monitoring and intrusion detection on the PACS network segment to detect unauthorized access attempts
WORKAROUND: Contact Philips customer success manager or service support team to inquire about future security patches and potential product upgrades