CVE-2021-43548 MEDIUM

CVE-2021-43548: Philips Patient Information Center iX (PIC iX) and Efficia CM Series Improper Input Validation

Vendor Philips

Product Patient Information Center iX (PIC iX)

Weakness CWE-20 · Input validation

Published December 27, 2021

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

6.5/10

Attack vector Adjacent

Attack complexity Low

Privileges required None

User interaction None

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly.

Key dates

02Disclosure timeline

December 27, 2021 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-43548 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

Identifiers

CVE CVE-2021-43548

CWE CWE-20

CVSS 6.5 / MEDIUM

Affected versions

Vendor Philips

Product Patient Information Center iX (PIC iX)

Affected C.02

Vendor Philips

Product Patient Information Center iX (PIC iX)

Affected C.03

CVE-2021-43548: Philips Patient Information Center iX (PIC iX) and Efficia CM Series Improper Input Validation

01Description

02Disclosure timeline

03References

04Related CVE