Philips Veradius Unity, Pulsera, and Endura Dual WAN Routers
Monitor | 5.3 | ICS-CERT ICSMA-19-353-01 | Dec 19, 2019
Attack Vector: Adjacent
Auth Required: None
Complexity: High
User Interaction: None needed
Summary
Philips Veradius Unity (model 718132), Pulsera (model 718095), and Endura (model 718075) Dual WAN routers with wireless or ViewForum options are vulnerable to a management interface compromise (CWE-326: Inadequate Encryption Strength). Successful exploitation by an adjacent attacker could disrupt the availability of data transfer via wireless communication. Units shipped between August 2016 and August 2018 are affected. Exploitation requires high skill level and physical/adjacent network proximity. Philips has stated no fix will be provided but offers a configuration update as a workaround.
What this means
What could happen
An attacker with physical or adjacent network access could disrupt wireless data transfer through the Dual WAN router's management interface, potentially preventing remote monitoring and control of clinical devices connected through these routers.
Who's at risk
Healthcare facility IT and biomedical teams managing Philips Veradius Unity, Pulsera, and Endura Dual WAN routers used for wireless connectivity and remote monitoring of clinical devices. Routers shipped between 2016 and August 2018 with wireless or ViewForum options are at risk.
How it could be exploited
An attacker on the adjacent network (e.g., on hospital WiFi or directly connected to the router) could exploit a weakness in the wireless or ViewForum option to compromise the management interface and cause the router to become unavailable. The attacker does not need valid credentials but must have physical proximity or network adjacency to the device.
Prerequisites
- Physical or adjacent network access to the Dual WAN router
- The router must have the wireless option or ViewForum option enabled
- High skill level required to execute the exploit
- No patch available
- Affects remote monitoring infrastructure
- Requires high skill level to exploit
- No known public exploits
- Not remotely exploitable
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (4)
4 pending
| Product | Affected Versions | Fix Status |
| --- | --- | --- |
| Pulsera (718095) and Endura (718075) | with wireless option (shipped between 26-June-2017 through 07-August 2018) | No fix yet |
| Veradius Unity (718132) | with ViewForum option (shipped between 2016-August 2018) | No fix yet |
| Veradius Unity (718132) | with wireless option (shipped between 2016-August 2018) | No fix yet |
| Pulsera (718095) and Endura (718075) | with ViewForum option (shipped between 26-June-2017 through 07-August 2018) | No fix yet |
Remediation & Mitigation
Do now
- WORKAROUND: Contact Philips support to obtain and apply the configuration update for the Dual WAN router if your device has the wireless or ViewForum option
- HARDENING: Restrict physical and network access to the Dual WAN router management interface to authorized personnel only
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HARDENING: Disable the wireless or ViewForum option if not required for clinical operations
- HARDENING: Disable any unnecessary accounts and services on the management interface
Long-term hardening
- HARDENING: Apply defense-in-depth strategies including network segmentation to isolate the router from untrusted networks
CVEs (1)