OTPulse

Philips Holter 2010 Plus

Low Risk · CVSS 1.9 · ICS-CERT ICSMA-19-192-01 · Jul 11, 2019
Attack Vector: Local
Auth Required: High
Complexity: High
User Interaction: None needed
Summary

The Philips Holter 2010 Plus cardiac monitoring system contains a vulnerability that could allow a person with physical access and high administrative privileges to escalate to additional product features. Exploitation requires multiple specific conditions to be met and is not remotely exploitable. No public exploits are known.

What this means
What could happen
An attacker with physical access and high privileges to the Holter 2010 Plus could escalate their access to additional product features, potentially altering monitoring or data management capabilities in a way that hospital staff would not normally allow.
Who's at risk
Hospital clinical engineering, biomedical staff, and facilities that operate Philips Holter 2010 Plus cardiac monitoring systems should care about this vulnerability, as unauthorized feature access could compromise the integrity of patient monitoring data or allow unauthorized changes to device configuration.
How it could be exploited
Exploitation requires physical access to the device and high-level privileges already present on the system. The attacker must satisfy multiple technical conditions specific to the device configuration to trigger the feature escalation. This is not remotely exploitable.
Prerequisites
  • Physical access to the Holter 2010 Plus device
  • High-level administrative or engineering privileges on the device
  • Knowledge of specific device configuration details
  • Multiple system components in a particular state or configuration
No patch available · High skill level required to exploit · Physical access required · High privilege level required · Not remotely exploitable
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
Holter 2010 Plus: all versions | All versions | No fix (EOL)
Remediation & Mitigation
Do now
HARDENING: Restrict physical access to the Holter 2010 Plus to authorized clinical and biomedical personnel only
HARDENING: Implement role-based access controls to limit what functions each user can perform on the device
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HARDENING: Apply least privilege principles to user accounts, granting only the minimum permissions needed for job functions
HARDENING: Disable unnecessary user accounts and services on the device
Mitigations - no patch available
The Holter 2010 Plus (all versions) has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Apply defense-in-depth strategies including multiple layers of access controls and monitoring