Publication Date: 2021 January 14 

Update Date:  2021 January 14


Philips is a committed leader in medical device cybersecurity. As part of our global Product Security Policy, the company conducts extensive, ongoing analysis of our products, often in collaboration with customers and researchers, to identify and address potential vulnerabilities.


In accordance with Philips’ Coordinated Vulnerability Disclosure Policy for the awareness and remediation of possible security vulnerabilities, the company is proactively issuing an advisory regarding software versions of Philips Interventional WorkSpot, Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live, and ViewForum running on older Haswell workstations.


Philips has become aware of a potential moderate-severity security vulnerability in affected systems. This potential vulnerability requires access to the hospital network to exploit. Should successful exploitation occur, there is a possibility that an attacker already within the hospital network could potentially shut down or restart the workstation.


In the event that the workstation is remotely shut down, physicians are still able to use diagnostic imaging from the X-ray system. To date, Philips has not received any reports of exploitation of these issues or of incidents from clinical use that we have been able to associate with this issue.


Philips has released a software patch to proactively address this vulnerability in the installed base, and will schedule service activities with impacted customers to implement the correction. As a mitigation for this potential security vulnerability, customers with expertise are advised to change the IPMI password for the workstation interface.


Customers with questions regarding their specific Philips Interventional WorkSpot, Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live, and ViewForum installations should contact their Philips support representative or call 1-800-722-9377 with reference to field change order (FCO) number FCO72200452.


Please see the Philips product security web site for the latest security information for Philips products:


Cybersecurity & Infrastructure Security Agency (CISA) Advisory:


ADDENDUM: Affected Product List

This issue affects four Haswell workstations labeled with 12NC identification numbers [4598 009 39471, 4598 009 39481, 4598 009 70861, 4598 009 98531] when running the following versions of interventional software:


  • Interventional Workspot [Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5]
  • Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live [Release 1.0]
  • ViewForum [Release 6.3V1L10]