{"id":8632,"date":"2021-07-20T05:35:10","date_gmt":"2021-07-20T12:35:10","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&#038;p=8632"},"modified":"2023-03-03T14:19:08","modified_gmt":"2023-03-03T21:19:08","slug":"radiographers-patch-these-16-philips-vue-pacs-vulnerabilities","status":"publish","type":"patch_watch","link":"https:\/\/webdev.securin.xyz\/patch_watch\/radiographers-patch-these-16-philips-vue-pacs-vulnerabilities\/","title":{"rendered":"Radiographers: Patch These 16 Philips Vue PACS Vulnerabilities"},"content":{"rendered":"<p dir=\"ltr\">On 6 July 2021, Philips &#8211; a multinational healthcare association, released security patches for <strong>16\u00a0serious vulnerabilities<\/strong> in their PACS Clinical Collaboration Platform. Picture Archiving and Communications System (PACS) software allows healthcare clinics and hospitals to digitally view MRIs, CT scans, and ultrasound images of the patients from several locations.<\/p>\n<p dir=\"ltr\">Storing medical images that belong to patients is an extremely sensitive process. However, the most likely reason for threat actors to break-in is that the PACS is employed as a gateway to the rest of the medical records, giving them the opportunity to shut down services and use it as a possible ransomware threat to demand money from the healthcare provider.<\/p>\n<p dir=\"ltr\">We analyzed 16\u00a0vulnerabilities in the Philips Vue PACS software and highlighted the ones that need to be prioritized for immediate patching.<\/p>\n<h2 dir=\"ltr\"><img decoding=\"async\" style=\"width: 800px; height: 453px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-1-3.png\" alt=\"\" \/><\/h2>\n<h2 dir=\"ltr\"><strong>Weaponized Vulnerabilities<\/strong><\/h2>\n<p>We have three vulnerabilities that are known exploits. Here is what we found &#8211;<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Two CVEs are associated with Buffer Overflow and one is Remote Code Execution.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">CVE-2018-10115 is linked to<strong> Stop ransomware.<\/strong><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">All of the weaponized vulnerabilities are older ones with a CVSS v3 score ranging from <strong>7.8<\/strong> to <strong>9.8<\/strong>.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">All three CVEs have been red-flagged by CISA.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">CVE-2018-12326 and CVE-2018-11218 have a CWE ID of <strong>CWE-119<\/strong> (Improper Restriction of Operations within the Bounds of a Memory Buffer) and <strong>CWE-787<\/strong> (Out-of-bounds Write) that falls under the <a href=\"https:\/\/cwe.mitre.org\/top25\/archive\/2020\/2020_cwe_top25.html\">2020 Top 5 most dangerous software weaknesses.<\/a><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Popular scanners such as Nessus and Qualys were able to detect these weaponized vulnerabilities.<\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 550px; height: 338px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-2-4.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\"><strong>Old Vulnerabilities<\/strong><\/h2>\n<p>Nine Old vulnerabilities have been patched, ranging from the year 2012 to 2020.<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Two CVEs are linked to <strong>Stop<\/strong> and <strong>Maze<\/strong> ransomware.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Seven CVEs are classified as RCE bugs, two are Buffer Overflow, and one is Cross-Site Request Forgery.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Interestingly, CVE-2015-9251 is associated with <strong>Maze ransomware<\/strong>, <strong>APT 1,<\/strong> and\u00a0Malware threats\u00a0 (<strong>OceanSalt<\/strong>,<strong> Auriga<\/strong>,<strong> Bangat<\/strong>,<strong> BISCUIT<\/strong>, <strong>MAPIGET<\/strong>,<strong> TARSIP<\/strong>,<strong> SEASALT<\/strong>,\u00a0<strong> KURTON<\/strong>, and<strong>\u00a0 HELAUTO).<\/strong><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">These older CVEs have got a CVSS v3 score ranging from <strong>6.1<\/strong> to <strong>9.8<\/strong>.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Eight out of nine old vulnerabilities were detected by Nessus and Qualys scanners.<\/p>\n<\/li>\n<\/ul>\n<p><img decoding=\"async\" style=\"width: 550px; height: 465px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-4-1.png\" alt=\"\" \/><\/p>\n<p>55% of these old vulnerabilities come under the category of <a href=\"https:\/\/cwe.mitre.org\/top25\/archive\/2020https:\/\/cwe.mitre.org\/top25\/archive\/2020https:\/\/cwe.mitre.org\/top25\/archive\/2020\/2020_cwe_top25.html\/2020_cwe_top25.html\/2020_cwe_top25.html\">2020 Top 15 most dangerous software weaknesses.<\/a><\/p>\n<h2 dir=\"ltr\"><strong>CISA Alerts<\/strong><\/h2>\n<p dir=\"ltr\">On 6 July 2021, CISA issued an<a href=\"https:\/\/us-cert.cisa.gov\/ncas\/current-activity\/2021\/07\/06\/cisa-releases-security-advisory-philips-vue-pac-products\"> Industrial Controls Systems (ICS) Medical Advisory<\/a> highlighting multiple vulnerabilities in Philips Vue PACS products.<\/p>\n<p>An attacker can exploit these vulnerabilities to take control of an affected system and process to eavesdrop, view or modify data, gain system access, perform code execution, and install unauthorized software. Therefore, patching these vulnerabilities should be a top priority.<\/p>\n<p><img decoding=\"async\" style=\"width: 550px; height: 474px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-3-2.png\" alt=\"\" \/><\/p>\n<p><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shruJ7w0cX0TiV7QB?backgroundColor=purple&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\"><strong>Table: Philips Vue Security Patches\u00a0<\/strong><\/p>\n<p>As healthcare enters a new era of increased data vulnerability, radiologists should be aware that they may be working with tampered data. If pixel manipulation is suspected in the images, redundancy in datasets should be used to confirm it. Therefore, we suggest radiologists and radiology administrators include possible security measures in equipment specifications and purchase contracts.<\/p>\n<p dir=\"ltr\">All the Philips Vue systems prior to versions 12.2.x.x in Speech, MyVue, and PACS are affected. Therefore, we recommend Radiographers to upgrade to the newest Philips Vue PACS software, which runs on Windows Operating System 2019 and enables security patching processes to get timely security upgrades.<\/p>\n<p dir=\"ltr\" style=\"text-align: center;\"><span style=\"font-size: 20px;\"><strong>Need a HIPAA risk assessment?\u00a0<\/strong><\/span><\/p>\n<p dir=\"ltr\" style=\"text-align: center;\"><span style=\"font-size: 20px;\"><strong><a href=\"https:\/\/cybersecurityworks.com\/get-quote.php\">Talk to CSW Experts<\/a>!<\/strong><\/span><\/p>\n<p dir=\"ltr\" style=\"text-align: center;\">\n","protected":false},"excerpt":{"rendered":"<p>On 6 July 2021, Philips &#8211; a multinational healthcare association, released security patches for 16\u00a0serious vulnerabilities in their PACS Clinical Collaboration Platform. Picture Archiving and Communications System (PACS) software allows healthcare clinics and hospitals to digitally view MRIs, CT scans, and ultrasound images of the patients from several locations. Storing medical images that belong to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":14442,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"patch_category":[289,295],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch\/8632"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/patch_watch"}],"author":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/14442"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=8632"}],"wp:term":[{"taxonomy":"patch_category","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_category?post=8632"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}