CVE-2019-13530

HIGH

Philips IntelliVue - RCE

Title source: llm

Description

Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). An attacker can use these credentials to login via ftp and upload a malicious firmware.

References (1)

[Mitigation, Third Party Advisory, US Government Resource] https://www.us-cert.gov/ics/advisories/icsma-19-255-01

Scores

CVSS v3 7.2

EPSS 0.0024

EPSS Percentile 47.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-259 CWE-798

Status published

Products (4)

philips/intellivue_mp_monitors_mp20-mp90_firmware a.03.09

philips/intellivue_mp_monitors_mp2\/x2_firmware a01.09

philips/intellivue_mp_monitors_mp5\/5sc_firmware a.03.09

philips/intellivue_mp_monitors_mx800\/700\/600_firmware a.01.09

Published Sep 12, 2019

Tracked Since Feb 18, 2026