News | Cybersecurity | April 16, 2018

Philips Warns of Cybersecurity Vulnerabilities in IntelliSpace and iSite PACS Products

Company says it has not received any reports of patient harm from vulnerabilities, but is offering remediation options for its customers

Philips Warns of Cybersecurity Vulnerabilities in IntelliSpace and iSite PACS Products

April 16, 2018 — Philips Healthcare last week issued a proactive advisory warning to its iSite and IntelliSpace picture archiving and communication system (PACS) customers of potential security vulnerabilities in the products. The company cautioned that while it has received no reports of patient harm, the vulnerabilities in question could impact or potentially compromise patient confidentiality, system integrity and/or system availability.

Philips identified the cybersecurity vulnerabilities, predominantly in third-party components, that if fully exploited may allow low-skill attackers remote entry to the applications. Once inside, any attackers could potentially:

  • Provide unexpected input into the applications;
  • Execute arbitrary code;
  • Alter the intended control flow of the system;
  • Access sensitive information; or
  • Potentially cause a system crash.

The company said its own analysis does not suggest the vulnerabilities would impact clinical use. This is largely due to the fact that IntelliSpace PACS is operated in a managed service environment that adheres to the latest recommendations of the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The company also noted that it uses an automated antivirus solution and offers a monthly recurring patch program for IntelliSpace customers.

ICS-CERT released its own advisory that describes the vulnerabilities in further detail. Read the full ICS-CERT advisory here.

Philips is offering customers three potential pathways to address the security vulnerabilities:

  1. Enrolling in the recurring patch program, which Philips said will remediate 86 percent of all known vulnerabilities;
  2. Option 1 plus updating system firmware, which will remediate 87 percent of all known vulnerabilities, including all known critical vulnerabilities;
  3. Option 2 plus upgrading to IntelliSpace PACS 4.4.5x with Windows operating system 2012, which addresses product hardening. Philips said this option will remediate 99.9 percent of all the known vulnerabilities, including all critical vulnerabilities.

Remediation options are provided at no charge for Philips customers on full service delivery model contracts.

For more information: www.usa.philips.com/healthcare

 

Related Content

Konica Minolta Healthcare, NewVue Team Up to Launch Integrated Teleradiology Solution
News | Teleradiology
Konica Minolta, NewVue Team Up to Launch Integrated Teleradiology Solution

May 21, 2025 — Konica Minolta Healthcare Americas, Inc and NewVue have announced the introduction of Exa Teleradiology ...

Time May 21, 2025
arrow
Philips Releases Future Health Index 2025
News | Artificial Intelligence
Philips Releases Future Health Index 2025

May 15, 2025 – Royal Philips, a global leader in health technology, has released its 10th annual Future Health Index ...

Time May 19, 2025
arrow
News | Artificial Intelligence
Bialogics Introduces Evidence-Driven Framework for AI Performance Monitoring

May 14, 2025 – Bialogics Analytics Inc., a leader in radiology informatics, has introduced its new AI solution AI ...

Time May 16, 2025
arrow
NewVue.ai, MD.AI Announce Integration Partnership
News | Artificial Intelligence
NewVue.ai, MD.AI Announce Integration Partnership

May 6, 2025 — NewVue.ai, a leader in cloud-native radiology workflow orchestration, and MD.ai, a pioneer in AI-enhanced ...

Time May 06, 2025
arrow
SIIM25
News | SIIM
Discover the Future of Imaging Informatics at SIIM25

April 14, 2025 —The Society for Imaging Informatics in Medicine (SIIM) Annual Meeting is set to take place May 23 to 25 ...

Time April 14, 2025
arrow
News | Artificial Intelligence
Riverain Technologies Expands Globally, Launches FDA-Cleared Technology

Feb. 4, 2025 — Riverain Technologies recently announced it expanded across eight countries in 2024 and added nearly 50 ...

Time February 04, 2025
arrow
Sponsored Content | Case Study | PACS
Extending the Reach

eHealth Saskatchewan plays a vital role in providing IT services to patients, health care providers, and partners such ...

Time February 03, 2025
arrow
Careverse Debuts New Technology
News | Artificial Intelligence
Careverse Debuts New Technology

Dec. 12, 2024 — At RSNA 2024, Careverse officially made its debut, exhibiting in the AI Showcase area, sharing its ...

Time December 18, 2024
arrow
News | Artificial Intelligence
Radin Health Debuts All-in-One Radiology Workflow Management Solution

Dec. 17, 2024 — Radin Health, a provider of advanced radiology AI-Powered solutions, highlighted its All-in-One ...

Time December 18, 2024
arrow
GE HealthCare selects AWS as its strategic cloud provider to deliver entirely new, purpose-built foundation models designed to fast-track the development of innovative healthcare applications
News | Artificial Intelligence
GE HealthCare and AWS Announce Strategic Collaboration to Accelerate Healthcare Transformation With Generative AI

July 26, 2024 — GE HealthCare and Amazon Web Services, Inc. (AWS), an Amazon.com, Inc. company, announced a strategic ...

Time July 26, 2024
arrow
© Copyright Wainscot Media. All Rights Reserved.
Subscribe Now