CVE-2020-16216

MEDIUM

Philips IntelliVue Patient Monitors - Denial of Service via Improper Input Validation

Title source: llm
STIX 2.1

Description

In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly, which can induce a denial-of-service condition through a system restart.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01

Scores

CVSS v3 6.5
EPSS 0.0070
EPSS Percentile 48.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (15)
philips/intellivue_mp2-mp90_firmware
philips/intellivue_mx100_firmware
philips/intellivue_mx400_firmware
philips/intellivue_mx550_firmware
philips/intellivue_mx600_firmware
philips/intellivue_mx700_firmware
philips/intellivue_mx750_firmware
philips/intellivue_mx800_firmware
philips/intellivue_mx850_firmware
philips/intellivue_x2_firmware
... and 5 more
Published Sep 11, 2020
Tracked Since Feb 18, 2026