OTPulse
FeedAboutContact

Philips IntelliBridge Enterprise IBE

Low Risk2ICS-CERT ICSMA-20-163-01Jun 11, 2020
Attack VectorAdjacent
Auth RequiredHigh
ComplexityHigh
User InteractionNone needed
Summary

IntelliBridge Enterprise stores plaintext user credentials in log files. An attacker who accesses these log files can extract credentials used for authentication to the hospital's clinical information systems and EMR. The vulnerability affects all versions through B.12. Philips plans to remediate this in version B.13 (scheduled Q4 2020) by preventing plaintext credential logging.

What this means
What could happen
An attacker with access to IntelliBridge Enterprise log files could extract plaintext credentials used to access hospital clinical information systems, potentially enabling unauthorized access to patient records and EMR data.
Who's at risk
Hospital IT and clinical engineering staff responsible for Philips IntelliBridge Enterprise deployments. This affects healthcare facilities using IntelliBridge Enterprise system integration platforms (including Guardian, SureSigns, and EarlyVue monitoring systems) that depend on EMR access for clinical operations.
How it could be exploited
An attacker must first gain access to the IntelliBridge Enterprise system or its log files (via network compromise, physical access, or insider access). Once log files are obtained, plaintext credentials are trivially extracted without special tools or knowledge. The attacker can then use these credentials to authenticate to the hospital's EMR and clinical information systems.
Prerequisites
  • Access to IntelliBridge Enterprise system or its log file storage
  • Administrative or file-level access to read log files
  • IBE version B.12 or earlier
No authentication required to read log files if attacker has file accessLow complexity exploitation once access is gainedHigh impact to confidentiality of credentialsNo patch currently available
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (4)
4 with fix
ProductAffected VersionsFix Status
IntelliBridge Enterprise system integration with IntelliVue Guardian: (IGS)IGSB.13
IntelliBridge Enterprise (IBE):≤ B.12B.13
IntelliBridge Enterprise system integration with EarlyVue: (VS30)VS30B.13
IntelliBridge Enterprise system integration with SureSigns: (VS4)VS4B.13
Remediation & Mitigation
0/4
Do now
0/1
HARDENINGRestrict file system access to IntelliBridge Enterprise log files to only essential administrators
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade IntelliBridge Enterprise to version B.13 or later when available (planned Q4 2020)
HARDENINGRegularly review and securely dispose of old log files containing plaintext credentials
Long-term hardening
0/1
HARDENINGIsolate IntelliBridge Enterprise on a dedicated network segment with controlled access
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/56e78ffc-511c-4f15-b6ef-1d022b00e975
Philips IntelliBridge Enterprise IBE | CVSS 2 - OTPulse