News | Cybersecurity | April 16, 2018

Company says it has not received any reports of patient harm from vulnerabilities, but is offering remediation options for its customers

Philips Warns of Cybersecurity Vulnerabilities in IntelliSpace and iSite PACS Products

April 16, 2018 — Philips Healthcare last week issued a proactive advisory warning to its iSite and IntelliSpace picture archiving and communication system (PACS) customers of potential security vulnerabilities in the products. The company cautioned that while it has received no reports of patient harm, the vulnerabilities in question could impact or potentially compromise patient confidentiality, system integrity and/or system availability.

Philips identified the cybersecurity vulnerabilities, predominantly in third-party components, that if fully exploited may allow low-skill attackers remote entry to the applications. Once inside, any attackers could potentially:

  • Provide unexpected input into the applications;
  • Execute arbitrary code;
  • Alter the intended control flow of the system;
  • Access sensitive information; or
  • Potentially cause a system crash.

The company said its own analysis does not suggest the vulnerabilities would impact clinical use. This is largely due to the fact that IntelliSpace PACS is operated in a managed service environment that adheres to the latest recommendations of the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The company also noted that it uses an automated antivirus solution and offers a monthly recurring patch program for IntelliSpace customers.

ICS-CERT released its own advisory that describes the vulnerabilities in further detail. Read the full ICS-CERT advisory here.

Philips is offering customers three potential pathways to address the security vulnerabilities:

  1. Enrolling in the recurring patch program, which Philips said will remediate 86 percent of all known vulnerabilities;
  2. Option 1 plus updating system firmware, which will remediate 87 percent of all known vulnerabilities, including all known critical vulnerabilities;
  3. Option 2 plus upgrading to IntelliSpace PACS 4.4.5x with Windows operating system 2012, which addresses product hardening. Philips said this option will remediate 99.9 percent of all the known vulnerabilities, including all critical vulnerabilities.

Remediation options are provided at no charge for Philips customers on full service delivery model contracts.

For more information: www.usa.philips.com/healthcare

 


Related Content

News | Artificial Intelligence

July 26, 2024 — GE HealthCare and Amazon Web Services, Inc. (AWS), an Amazon.com, Inc. company, announced a strategic ...

Time July 26, 2024
arrow
Videos | Information Technology

Industry trade shows and conferences seem to be making their comeback in 2024. And the Healthcare Information and ...

Time July 25, 2024
arrow
News | Digital Pathology

July 24, 2024 — Proscia, a developer of artificial intelligence (AI)-enabled digital pathology solutions for precision ...

Time July 24, 2024
arrow
News | RSNA

July 23, 2024 — Professional registration is open for RSNA 2024, the world’s largest radiology forum. This year’s theme ...

Time July 23, 2024
arrow
News | Artificial Intelligence

July 23, 2024 — Researchers at the National Institutes of Health (NIH) found that an artificial intelligence (AI) model ...

Time July 23, 2024
arrow
News | Digital Pathology

July 12, 2024 — AGFA HealthCare, a global leader in healthcare imaging management solutions, announced that Enterprise ...

Time July 12, 2024
arrow
News | Digital Pathology

July 12, 2024 — Diagnosing cancer and providing the personalized therapy it often requires, is a collaborative effort ...

Time July 12, 2024
arrow
Feature | Imaging Technology News - ITN

Be sure to check out the latest digital edition of Imaging Technology News (ITN), featuring the Mobile C-arm Systems ...

Time July 11, 2024
arrow
Feature | PACS | By Michael J. Cannavo

Back in 1966, Joni Mitchell sang these words in her song “Both Sides Now:” I’ve looked at clouds from both sides now ...

Time July 08, 2024
arrow
Feature | Radiology Business

ITN conducts a bi-monthly survey to its readers on a variety of topics, which is used to create the Last Read, a unique ...

Time July 08, 2024
arrow
Subscribe Now