Threat Intelligence: Advisory Issued for Philips SureSigns VS4 Devices
What Devices Are Affected?
Philips SureSigns VS4 patient monitors, versions A.07.107 and older are at risk. These devices monitor patients’ vital signs.
The ICSMA-20-233-01 advisory was first published on August 20, 2020 by ICS-CERT. This is a set of three vulnerabilities with a combined CVSS v3 base score of 6.3 that threat actors can exploit remotely.
1. CVE-2020-16237: Improper Input Validation
This vulnerability has a CVSS v3 base score of 2.1. If exploited on a device, input and data may not be safely and correctly validated, which can result in false readings of patients’ vitals, negative patient outcomes, and invalid treatment plans.
2. CVE-2020-16241: Improper Access Control
This vulnerability has a CVSS v3 base score of 6.3. Unauthorized actors may receive remote access to the device due to improper access restriction, allowing them to tamper with the device’s function, falsify readings, and extract ePHI.
3. CVE-2020-16239: Improper Authentication
This vulnerability has a CVSS v3 base score of 4.9. The software on the device may not sufficiently prove an actor’s identity and can grant unauthorized access, which can compromise the device’s functionality, allow for ePHI extraction, and falsify readings on patients’ vital signs.
What Is the Vulnerability’s Impact on Health Care?
Each of these vulnerabilities can be exploited remotely and allow unauthorized remote access to the device. Threat actors can steal ePHI and alter the functionality of the device, either of which can compromise treatment plans and cause physical harm to patients. On top of that, any healthcare organization that falls victim to these vulnerabilities can suffer significant reputational and financial damage.
Luckily, hospitals can protect their patients and avoid any detrimental fallout with the proper knowledge and tools.
How Cynerio Can Help You Mitigate the Threat
Step 1: Cynerio can identify and locate all vulnerable devices on your network and send your team members alerts.
Step 2: Once you’ve successfully identified all your at-risk devices, change all system passwords on SureSigns VS4 devices across your organization.
Step 3: Assign unique passwords to each device and be sure to secure them or take them offline when they aren’t in use to prevent unauthorized access.
Step 4: If possible, replace all your at-risk SureSigns VS4 devices with newer models, as recommended by Philips.
Step 5: If any at-risk devices remain in use, Cynerio will automatically configure segmentation policy to reduce your risk.
Step 6: Once your devices are segmented, Cynerio will constantly monitor every at-risk device, flag policy violations, and send alerts to the right team members about any suspicious activity.