CVE-2020-16247

MEDIUM

Philips Clinical Collaboration Platform - Exposure to Wrong Actor

Title source: rule

Description

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

References (2)

[Third Party Advisory, US Government Resource] https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01

[Various Sources] https://www.philips.com/a-w/security/security-advisories/product-security-2020.html#2020_archive

Scores

CVSS v3 6.8

EPSS 0.0004

EPSS Percentile 13.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Classification

CWE

CWE-16 CWE-668

Status published

Affected Products (1)

philips/clinical_collaboration_platform < 12.2.1

Timeline

Published Sep 18, 2020

Tracked Since Feb 18, 2026