Your one-stop web resource providing safety and security information to manufacturers

Philips created an update that mitigates the heap-based buffer overflow in its Xper application, according to a report on ICS-CERT.

Philips has tested the update and verified that it resolves the remotely exploitable vulnerability, discovered by independent researcher Billy Rios.

Bug in Siemens SCALANCE X-200
Emerson Patches RTU Holes
Schneider Continues Quantum Fixes
Mitsubishi ActiveX Control Bug

The following Xper Information Management versions suffer from the issue:
• Xper Information Management Physiomonitoring 5 system components,
• Xper Information Management Vascular Monitoring 5 system components, and
• Xper Information Management (Flex Cardio product line) servers and workstations.

These products have a problem if the XperConnect Broker ends up used in line.

Schneider Bold

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code with administrator-level privileges, affecting the availability, integrity, and confidentiality of the system.

Philips is a global company that maintains offices in several countries around the world, including countries in Africa, Asia, Europe, Latin America, Middle East, and North America.

The affected product, Xper, is a Cardio Physiomonitoring system. According to Philips, Xper deploys across the Healthcare and Public Health sector. Philips estimates these products see use primarily in the United States and Europe with a small percentage in Asia.

The Xper Connect broker listens to Port 6000/TCP by default. By sending an HTTP request outside the bounds of the buffer to Port 6000/TCP, an attacker can cause a heap-based buffer resulting in loss of confidentiality, integrity, and availability.

CVE-2013-2808 is the number assigned to this vulnerability, which has a CVSS v2 base score of 9.3.

No known public exploits specifically target this vulnerability and an attacker with a medium skill would be able to exploit this vulnerability.

Philips released an update, XperConnect SP2, that mitigates this vulnerability.

The update is available at the Philips web site.

Pin It on Pinterest

Share This