CVE-2020-16228— Philips Patient Monitoring Devices Improper Check for Certificate Revocation
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-16228
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Philips Patient Monitoring Devices Improper Check for Certificate Revocation
Source: NVD (National Vulnerability Database)
Vulnerability Description
In Patient Information Center iX (PICiX) Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a compromised certificate.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
证书撤销验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Patient Information 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Patient Information 中存在漏洞。该漏洞源于在电子表格软件打开文件时可能解释为命令的特殊元素。以下是受影响的产品及版本:B.02, C.02, C.03。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Philips | Patient Information Center iX (PICiX) | C.02 | - | |
| Philips | PerformanceBridge Focal Point | A.01 | - | |
| Philips | IntelliVue patient monitors | MX100 | - | |
| Philips | IntelliVue X3 | 0 ~ N | - |
II. Public POCs for CVE-2020-16228
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-16228
请登录查看更多情报信息。
- https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2020-16228
Same Patch Batch · Philips · 2020-09-11 · 8 CVEs total
| CVE-2020-16212 | Philips Patient Monitoring Devices Exposure of Resource to Wrong Sphere | |
| CVE-2020-16214 | Philips Patient Monitoring Devices Improper Neutralization of Formula Elements in a CSV Fi | |
| CVE-2020-16216 | Philips Patient Monitoring Devices Improper Input Validation | |
| CVE-2020-16218 | Philips Patient Monitoring Devices Cross-site Scripting | |
| CVE-2020-16220 | Philips Patient Monitoring Devices Improper Validation of Syntactic Correctness of Input | |
| CVE-2020-16222 | Philips Patient Monitoring Devices Improper Authentication | |
| CVE-2020-16224 | Philips Patient Monitoring Devices Improper Handling of Length Parameter Inconsistency |
IV. Related Vulnerabilities
Same product: Patient Information Center iX (PICiX)
- CVE-2020-16212
Philips Patient Monitoring Devices Exposure of Resource to W - CVE-2020-16220
Philips Patient Monitoring Devices Improper Validation of Sy - CVE-2020-16224
Philips Patient Monitoring Devices Improper Handling of Leng - CVE-2020-16222
Philips Patient Monitoring Devices Improper Authentication - CVE-2020-16214
Philips Patient Monitoring Devices Improper Neutralization o
Same vendor: Philips
- CVE-2026-3562
Philips Hue Bridge hk_hap Ed25519 Signature Verification Aut - CVE-2026-3561
Philips Hue Bridge hk_hap characteristics Heap-based Buffer - CVE-2026-3560
Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-base - CVE-2026-3559
Philips Hue Bridge HomeKit Accessory Protocol Static Nonce A - CVE-2026-3558
Philips Hue Bridge HomeKit Accessory Protocol Transient Pair
Same weakness: CWE-299
- CVE-2026-4428
CRL Distribution Point Scope Check Logic Error in AWS-LC - CVE-2025-11955
Incorrect validation of OCSP certificates in TheGreenBow VPN - CVE-2025-36057
IBM Cognos Analytics Mobile (iOS) authentication bypass - CVE-2025-3085
MongoDB Server running on Linux may allow unexpected connect - CVE-2024-56138
Timestamp signature generation lacks certificate revocation
V. Comments for CVE-2020-16228
No comments yet