ICSMA-20-261-01_Philips Clinical Collaboration Platform
Monitor | 6.8 | ICS-CERT ICSMA-20-261-01 | Sep 17, 2020
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Philips Clinical Collaboration Platform contains multiple vulnerabilities in file permissions and access controls (CWE-668, CWE-16, CWE-352, CWE-83, CWE-693, CWE-757). An attacker with local access to a platform server could modify protected files or disable services without authentication, affecting the integrity and availability of clinical collaboration capabilities. The vulnerabilities are not remotely exploitable and require local system access.
What this means
What could happen
An attacker with local access to a Clinical Collaboration Platform system could modify system files or disable the platform, disrupting clinical communication and collaboration between care teams during patient care operations.
Who's at risk
Healthcare organizations using Philips Clinical Collaboration Platform for clinical communication and collaboration. This affects hospital IT departments responsible for enterprise communication infrastructure and care team workflow systems. Primarily impacts versions 12.2.1 and earlier.
How it could be exploited
An attacker would need physical or local system access to the Clinical Collaboration Platform server. With local access and no authentication required, they could exploit file permission issues (CWE-668) to write to protected system directories or disable critical platform services, affecting availability and integrity of clinical collaboration functions.
Prerequisites
- Local access to the Clinical Collaboration Platform server (physical or via local shell)
- No credentials required once local access is obtained
Key facts
- Local access required (not remotely exploitable)
- No authentication required for exploitation
- Low attack complexity
- Affects availability and integrity of clinical operations
- Manual intervention required for complete remediation of some vulnerabilities
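The CWE-668 issue above comes down to protected files and directories that a local, unauthenticated user can write to. The audit below is an added example (not Philips code, and it does not know the product's real install paths): it walks a directory tree, skips symlinks, and flags every entry whose POSIX mode bits allow writes by group or others, with a sticky world-writable directory reported separately for review. The sample layout in build_sample_tree (a "service/" and "logs/" folder with one intentionally loose file and directory) is constructed purely for the demonstration.

```python
import os
import shutil
import stat
import tempfile
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Finding:
    path: str    # path relative to the audited root, forward slashes
    mode: str    # octal permission bits as reported, e.g. "0o666"
    reason: str  # why the entry was flagged


def classify(st_mode: int, is_dir: bool) -> Optional[str]:
    """Return a reason string if the permission bits are too loose, else None."""
    mode = stat.S_IMODE(st_mode)
    if mode & stat.S_IWOTH:
        if is_dir and mode & stat.S_ISVTX:
            # /tmp-style directory: anyone can add entries but only the owner
            # can remove them; still worth a look, but a different risk level
            return "world-writable directory (sticky bit set, review)"
        return "world-writable"
    if mode & stat.S_IWGRP:
        return "group-writable (verify the group contains only service accounts)"
    return None


def audit_tree(root: str) -> List[Finding]:
    """Walk `root` and report files and directories writable by group or others.

    Symlinks are skipped so the report describes the tree as installed,
    not whatever the links happen to point at.
    """
    findings: List[Finding] = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if stat.S_ISLNK(st.st_mode):
                continue
            reason = classify(st.st_mode, stat.S_ISDIR(st.st_mode))
            if reason:
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                findings.append(Finding(rel, oct(stat.S_IMODE(st.st_mode)), reason))
    return sorted(findings, key=lambda f: f.path)


def build_sample_tree(base: str) -> None:
    """Constructed sample layout (hypothetical names, not the real product's paths)."""
    service = os.path.join(base, "service")
    logs = os.path.join(base, "logs")
    os.makedirs(service)
    os.makedirs(logs)
    with open(os.path.join(service, "launcher"), "w") as fh:
        fh.write("#!/bin/sh\necho service\n")
    with open(os.path.join(service, "config.ini"), "w") as fh:
        fh.write("[service]\nenabled=1\n")
    os.chmod(service, 0o755)                                  # fine
    os.chmod(os.path.join(service, "launcher"), 0o755)        # fine
    os.chmod(os.path.join(service, "config.ini"), 0o666)      # weak: anyone can edit
    os.chmod(logs, 0o777)                                     # weak: anyone can add/replace files


def demo_audit() -> List[Finding]:
    """Build the sample tree in a temp dir, audit it, and clean up."""
    tmp = tempfile.mkdtemp()
    try:
        build_sample_tree(tmp)
        return audit_tree(tmp)
    finally:
        shutil.rmtree(tmp, ignore_errors=True)


if __name__ == "__main__":
    # Point audit_tree at a real install root to use it; the demo uses the constructed tree.
    for f in demo_audit():
        print(f"{f.mode} {f.path}: {f.reason}")
```

Run it against the platform's actual install and data directories on a test system; anything reported as world-writable is a candidate for the file-permission exposure described above and should be tightened to the service account's owner and group. On Windows hosts the POSIX mode bits are not meaningful, so the same check would need to read the DACL instead.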
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
Clinical Collaboration Platform | ≤ 12.2.1 | 12.2.5
Remediation & Mitigation
Do now
- HARDENING: Restrict physical access to Clinical Collaboration Platform servers to authorized personnel only
- WORKAROUND: Disable unnecessary accounts and services on the platform
Schedule — requires maintenance window
Patching may require a device reboot; plan for process interruption.
- HOTFIX: Upgrade Clinical Collaboration Platform to version 12.2.5 (released May 2020) to remediate CWE-16, CWE-352, CWE-83, and CWE-693
- HOTFIX: Apply patch 12.2.1.5 (released June 2020) as a minimum interim measure if upgrade to 12.2.5 is not immediately possible
- HOTFIX: Contact Philips service support (1-877-328-2808, option 4) to determine upgrade eligibility and obtain manual remediation guidance for CWE-757
Long-term hardening
- HARDENING: Implement defense-in-depth controls including network segmentation to limit local access paths to the platform