Philips has issued guidance and mitigations to offset multiple vulnerabilities in its Brilliance CT Scanners, according to a report from NCCIC.
The vulnerabilities are execution with unnecessary privileges, exposure of resource to wrong sphere, and use of hard-coded credentials.
Successful exploitation of these vulnerabilities, which Philips self-reported, may allow an attacker to attain elevated privileges and access unauthorized system resources, including access to execute software or to view/update files including patient health information (PHI), directories, or system configuration. This could impact system confidentiality, system integrity, or system availability. Philips has received no reports of exploitation or incidents associated with these vulnerabilities.
Philips reports that the vulnerabilities affect the following Brilliance CT Scanners:
• Brilliance 64 versions 2.6.2 and below
• Brilliance iCT versions 4.1.6 and below
• Brilliance iCT SP versions 3.2.4 and below
• Brilliance CT Big Bore versions 2.3.5 and below
In one vulnerability, Philips Brilliance CT devices operate user functions from within a contained kiosk in a Microsoft Windows operating system. Windows boots by default with elevated Windows privileges, enabling a kiosk application, user, or an attacker to potentially attain unauthorized elevated privileges. Also, attackers may gain access to unauthorized resources from the underlying Windows operating system.
CVE-2018-8853 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.1.
In addition, vulnerabilities within the Brilliance CT kiosk environment could enable a limited-access kiosk user or an unauthorized attacker to break out of the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system.
CVE-2018-8861 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.1.
Also, the software contains fixed credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. An attacker could compromise these credentials and gain access to the system.
CVE-2018-8857 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.4.
The product sees use in the healthcare and public health sectors and is deployed on a global basis.
No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely. However, an attacker with low skill level could leverage the vulnerabilities.
Philips has identified the following guidance and controlling risk mitigations:
• Users should operate all Philips deployed and supported Brilliance CT products within Philips authorized specifications, including Philips approved software, software configuration, system services, and security configuration such as firewall operations.
• Philips also recommends users implement a comprehensive, multi-layered strategy to protect their systems from internal and external security threats, including restricting physical access of the scanner to only authorized personnel, thus reducing the risk of physical access being compromised by an unauthorized user.
Philips has also remediated hard-coded credential vulnerabilities for Brilliance iCT versions 4.x and above. The Philips iCT-iPatient (v4.x) family Instructions for Use (IFU) describes how to manage credentials and is accessible from Philips InCenter for entitled users.
Philips will be further assessing options for remediation with future product introductions and/or upgrades across the Brilliance CT modality to address these identified security vulnerabilities. Users with questions about their specific Brilliance CT product should contact their local Philips service support team or their regional service support.