Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Philips — Vulnerabilities & Security Advisories 88

Browse all 88 CVE security advisories affecting Philips. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Philips operates as a global health technology company, primarily manufacturing medical imaging systems, patient monitoring devices, and home health solutions. Its extensive portfolio of connected medical equipment has historically exposed it to critical vulnerability classes, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws within its web-based management interfaces. With 88 CVEs currently on record, the company faces significant challenges in securing legacy devices that often lack robust patching mechanisms or default credential protections. Notable incidents include the 2021 ransomware attack by the REvil group, which disrupted healthcare services across Europe and the United States by targeting Philips’ IT infrastructure. These events highlight the critical intersection of operational technology and cybersecurity, emphasizing the urgent need for enhanced security postures in life-critical medical environments to prevent service interruptions and protect patient data integrity.

Top products by Philips: e-Alert Unit (non-medical device) Philips IntelliSpace Portal Hue Bridge Vue PACS Patient Information Center iX (PICiX) Clinical Collaboration Platform SureSigns VS4 IntelliSpace Portal MRI 1.5T Brilliance CT Scanners Philips Alice 6 System IntelliVue MX40 Patient Worn Monitor IntelliSpace Cardiovascular (ISCV) products Intellispace Cardiovascular (ISCV) Patient Information Center iX (PIC iX) IntelliBridge EC 40 Hub PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs DoseWise Portal Interventional Workspot SmartControl Engage Software Philips Tasy EMR Gemini 16 Slice Interoperability Solution XDS IntelliVue patient monitors DreamMapper Efficia CM Series e-Alert EncoreAnywhere Philips Holter 2010 Plus
CVE IDTitleCVSSSeverityPublished
CVE-2021-32993 Philips IntelliBridge EC 40 and EC 80 Hub Use of Hard-coded Credentials — IntelliBridge EC 40 HubCWE-798 8.1 High2021-12-27
CVE-2021-26248 Philips MRI 1.5T and 3T Incorrect Ownership Assignment — MRI 1.5TCWE-708 5.5 -2021-11-19
CVE-2021-42744 Philips MRI 1.5T and 3T Information Exposure — MRI 1.5TCWE-552 5.5 -2021-11-19
CVE-2021-26262 Philips MRI 1.5T and 3T Improper Access Control — MRI 1.5TCWE-286 6.8 -2021-11-19
CVE-2020-27298 Philips Interventional Workstations OS Command Injection — Interventional WorkspotCWE-78 6.5 Medium2021-01-20
CVE-2020-16247 Philips Clinical Collaboration Platform Configuration — Clinical Collaboration PlatformCWE-16 6.8 Medium2020-09-18
CVE-2020-16200 Philips Clinical Collaboration Platform Algorithm Downgrade — Clinical Collaboration PlatformCWE-757 6.5 Medium2020-09-18
CVE-2020-16198 Philips Clinical Collaboration Platform Protection Mechanism Failure — Clinical Collaboration PlatformCWE-693 5.0 Medium2020-09-18
CVE-2020-14525 Philips Clinical Collaboration Platform Improper Neutralization of Script in Attributes in a Web Page — Clinical Collaboration PlatformCWE-83 3.5 Low2020-09-18
CVE-2020-14506 Philips Clinical Collaboration Platform Cross-site Request Forgery — Clinical Collaboration PlatformCWE-352 3.4 Low2020-09-18
CVE-2020-16212 Philips Patient Monitoring Devices Exposure of Resource to Wrong Sphere — Patient Information Center iX (PICiX)CWE-668 8.8 -2020-09-11
CVE-2020-16220 Philips Patient Monitoring Devices Improper Validation of Syntactic Correctness of Input — Patient Information Center iX (PICiX)CWE-1286 6.5 -2020-09-11
CVE-2020-16216 Philips Patient Monitoring Devices Improper Input Validation — IntelliVue patient monitorsCWE-20 6.5 -2020-09-11
CVE-2020-16224 Philips Patient Monitoring Devices Improper Handling of Length Parameter Inconsistency — Patient Information Center iX (PICiX)CWE-130 6.5 -2020-09-11
CVE-2020-16228 Philips Patient Monitoring Devices Improper Check for Certificate Revocation — Patient Information Center iX (PICiX)CWE-299 6.4 -2020-09-11
CVE-2020-16222 Philips Patient Monitoring Devices Improper Authentication — Patient Information Center iX (PICiX)CWE-287 8.8 -2020-09-11
CVE-2020-16214 Philips Patient Monitoring Devices Improper Neutralization of Formula Elements in a CSV File — Patient Information Center iX (PICiX)CWE-1236 8.7 -2020-09-11
CVE-2020-16218 Philips Patient Monitoring Devices Cross-site Scripting — Patient Information Center iX (PICiX)CWE-79 4.3 -2020-09-11
CVE-2020-16239 Philips SureSigns VS4 Improper Authentication — SureSigns VS4CWE-287 4.9 Medium2020-08-21
CVE-2020-16241 Philips SureSigns VS4 Improper Access Control — SureSigns VS4CWE-284 6.3 Medium2020-08-21
CVE-2020-16237 Philips SureSigns VS4 Improper Input Validation — SureSigns VS4CWE-20 2.1 Low2020-08-21
CVE-2020-14518 Philips DreamMapper Insertion of Sensitive Information into Log File — DreamMapperCWE-532 5.3 Medium2020-08-21
CVE-2020-7360 Philips SmartControl DLL Hijacking — SmartControlCWE-427 7.4 High2020-08-13
CVE-2020-14477 Philips Ultrasound Systems Authentication Bypass Using an Alternate Path or Channel — Ultrasound ClearVueCWE-288 3.6 Low2020-06-26
CVE-2020-12023 Philips IntelliBridge Enterprise IBE Insertion of Sensitive Information into Log File — IntelliBridge Enterprise (IBE)CWE-532 2.0 Low2020-06-11
CVE-2019-10968 Philips Holter 2010 Plus 访问控制错误漏洞 — Philips Holter 2010 PlusCWE-477 6.0 -2019-07-24
CVE-2019-6562 Philips Tasy EMR 跨站脚本漏洞 — Philips Tasy EMRCWE-79 5.4 -2019-05-01
CVE-2018-8848 Philips e-Alert 安全漏洞 — e-Alert Unit (non-medical device)CWE-276 9.8 -2018-09-26
CVE-2018-8842 Philips e-Alert 安全漏洞 — e-Alert Unit (non-medical device)CWE-319 8.8 -2018-09-26
CVE-2018-8844 Philips e-Alert 跨站请求伪造漏洞 — e-Alert Unit (non-medical device)CWE-352 8.8 -2018-09-26

This page lists every published CVE security advisory associated with Philips. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.