CVE-2019-13534

HIGH

Philips IntelliVue - Code Injection

Title source: llm

Description

Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

References (1)

[Mitigation, Third Party Advisory, US Government Resource] https://www.us-cert.gov/ics/advisories/icsma-19-255-01

Scores

CVSS v3 7.2

EPSS 0.0011

EPSS Percentile 28.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-494

Status published

Products (4)

philips/intellivue_mp_monitors_mp20-mp90_firmware a.03.09

philips/intellivue_mp_monitors_mp2\/x2_firmware a01.09

philips/intellivue_mp_monitors_mp5\/5sc_firmware a.03.09

philips/intellivue_mp_monitors_mx800\/700\/600_firmware a.01.09

Published Sep 12, 2019

Tracked Since Feb 18, 2026