Philips Gemini PET/CT Family
Low Risk | 2.4 | ICS-CERT ICSMA-21-084-01 | Mar 25, 2021
Attack Vector: Physical
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Philips Gemini PET/CT systems contain a vulnerability involving removable media that could allow access to sensitive patient health information. The vulnerability stems from the anonymize function not reliably removing all patient data from exported or removable media. An attacker with physical access to the scanner or its removable media could extract confidential patient information despite the anonymization process. Philips has not released a firmware update to address this issue for any model in the Gemini family.
What this means
What could happen
An attacker with physical access to the Gemini PET/CT scanner or its removable media could extract sensitive patient health information, even if the anonymize function was applied. This could expose protected health information (PHI) and compromise patient privacy.
Who's at risk
Medical facilities operating Philips Gemini PET/CT scanners (all models in the 882xxx series) should be concerned. This affects hospitals, imaging centers, and diagnostic facilities that rely on PET/CT imaging for cancer detection, neurological diagnosis, and cardiac imaging. The vulnerability puts patient privacy at risk if physical security controls are not maintained.
How it could be exploited
An attacker must physically access the scanner or removable media (USB, compact flash, or similar storage devices) used by the system. Once physical access is obtained, the attacker can copy or extract data from the media, bypassing or working around the anonymize function to access patient information.
Prerequisites
- Physical access to the Gemini PET/CT scanner
- Physical access to removable media used by the scanner
- Ability to connect external devices or remove storage media from the scanner
no patch available | affects protected health information (PHI) | physical access required but difficult to monitor
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (11)
11 EOL
Product | Affected Versions | Fix Status
Gemini PET/CT Family - 882160 Gemini Dual | 882160 Gemini Dual | No fix (EOL)
Gemini PET/CT Family - 882400 Gemini GXL 10 Slice | 882400 Gemini GXL 10 Slice | No fix (EOL)
Gemini PET/CT Family - 882390 Gemini GXL 6 Slice | 882390 Gemini GXL 6 Slice | No fix (EOL)
Gemini PET/CT Family - 882410 Gemini GXL 16 Slice | 882410 Gemini GXL 16 Slice | No fix (EOL)
Gemini PET/CT Family - 882412 GEMINI LXL | 882412 GEMINI LXL | No fix (EOL)
Gemini PET/CT Family - 882473 Gemini TF Ready | 882473 Gemini TF Ready | No fix (EOL)
Gemini PET/CT Family - 882471 Gemini TF 64 w/ TOF Performance | 882471 Gemini TF 64 w/ TOF Performance | No fix (EOL)
Gemini PET/CT Family - 882476 Gemini TF Big Bore | 882476 Gemini TF Big Bore | No fix (EOL)
Remediation & Mitigation
Do now
- HARDENING: Restrict physical access to the Gemini PET/CT scanner to only authorized medical personnel and maintain strict access controls
- HARDENING: Restrict physical access to removable media (USB drives, compact flash cards, etc.) used by the scanner to only authorized personnel
- WORKAROUND: Do not rely solely on the anonymize function for data protection; assume patient information may still be present in exported data
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HARDENING: Implement secure procedures for handling and storage of removable media containing patient data
- HARDENING: Review and enforce Philips-approved software, software configuration, system services, and security configuration settings
CVEs (1)