#VU21104 Use of Hard-coded Password in Philips products - CVE-2019-13530

Cybersecurity Help s.r.o.

Published: 2019-09-13

Vulnerability identifier: #VU21104

Vulnerability risk: Medium

CVSSv4.0: 4.4 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-13530

CWE-ID: CWE-259

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
IntelliVue MX600
Hardware solutions / Medical equipment
IntelliVue MX700
Hardware solutions / Medical equipment
IntelliVue MX800
Hardware solutions / Medical equipment
IntelliVue MPX2
Hardware solutions / Medical equipment
IntelliVue MP2
Hardware solutions / Medical equipment
IntelliVue MP5SC
Hardware solutions / Medical equipment
IntelliVue MP5
Hardware solutions / Medical equipment
IntelliVue MP90
Hardware solutions / Medical equipment
IntelliVue MP80
Hardware solutions / Medical equipment
IntelliVue MP70
Hardware solutions / Medical equipment
IntelliVue MP60
Hardware solutions / Medical equipment
IntelliVue MP50
Hardware solutions / Medical equipment
IntelliVue MP40
Hardware solutions / Medical equipment
IntelliVue MP30
Hardware solutions / Medical equipment
IntelliVue MP20
Hardware solutions / Medical equipment

Vendor: Philips

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the software contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components. A remote attacker can use these credentials to login via ftp and upload a malicious firmware.

Mitigation
This vulnerability was fixed only in the WLAN Version C.

Vulnerable software versions

IntelliVue MX600: A.01.09

IntelliVue MX700: A.01.09

IntelliVue MX800: A.01.09

IntelliVue MPX2: A.01.09

IntelliVue MP2: A.01.09

IntelliVue MP5SC: A.03.09

IntelliVue MP5: A.03.09

IntelliVue MP90: A.03.09

IntelliVue MP80: A.03.09

IntelliVue MP70: A.03.09

IntelliVue MP60: A.03.09

IntelliVue MP50: A.03.09

IntelliVue MP40 : A.03.09

IntelliVue MP30: A.03.09

IntelliVue MP20: A.03.09

External links
https://www.us-cert.gov/ics/advisories/icsma-19-255-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

OpenSUSE Linux update for git

Gentoo update for Git

OpenSUSE Linux update for git

Amazon Linux AMI update for git

Multiple vulnerabilities in Philips IntelliVue products