CVE-2020-16216
MEDIUMPhilips IntelliVue Patient Monitors - Denial of Service via Improper Input Validation
Title source: llmDescription
In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly, which can induce a denial-of-service condition through a system restart.
References (2)
Core 2
Core References
Various Sources
https://www.philips.com/productsecurity
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01
Scores
CVSS v3
6.5
EPSS
0.0070
EPSS Percentile
48.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (15)
philips/intellivue_mp2-mp90_firmware
philips/intellivue_mx100_firmware
philips/intellivue_mx400_firmware
philips/intellivue_mx550_firmware
philips/intellivue_mx600_firmware
philips/intellivue_mx700_firmware
philips/intellivue_mx750_firmware
philips/intellivue_mx800_firmware
philips/intellivue_mx850_firmware
philips/intellivue_x2_firmware
... and 5 more
Published
Sep 11, 2020
Tracked Since
Feb 18, 2026