Publication Date: October 24, 2019
Update Date: October 24, 2019
Philips is a committed leader in medical device cybersecurity. As part of our global Product Security Policy, the company conducts extensive, ongoing analysis of our products, often in collaboration with customers and researchers, to identify and address potential vulnerabilities.
In accordance with Philips’ Coordinated Vulnerability Disclosure Policy for the awareness and remediation of possible security vulnerabilities, the company is proactively issuing an advisory regarding the Philips IntelliSpace Perinatal obstetrics information system.
Philips has become aware that for Versions K and prior of the Philips IntelliSpace Perinatal system, a potential vulnerability may allow an unauthorized user access to system resources. This could impact confidentiality and integrity of the system and application. To exploit this issue, an attacker would require physical access to a locked application screen, or a remote desktop session host application.
Philips has not received any reports of exploitation of this vulnerability or of incidents from clinical use that we have been able to associate with this issue. Philips is providing customers with a detailed update to Philips IntelliSpace Perinatal documentation to provide clear guidance on recommended mitigations for this issue. This documentation is available to customers on Philips InCenter. Philips will be further assessing potential mitigations in the next minor product update, which is planned for the end of 2020.
Philips has reported this potential vulnerability and its mitigation to customers and the appropriate government agencies, including CISA, which is issuing an advisory.
Users with questions regarding their specific Philips IntelliSpace Perinatal installation should contact their Customer Success Manager (CSM), local Philips service support team, or regional service support. Philips contact information is available at the following location:
Please see the Philips product security web site for the latest security information for Philips products: https://www.philips.com/productsecurity