Philips Delays Fix for Cardiograph Cybersecurity Vulnerabilities

Philips does not intended to fix cybersecurity vulnerabilities in its PageWriter Cardiograph devices, which could allow attackers to modify settings on the devices, until mid-year 2019, according to an August 16 advisory from ICS-CERT.

The PageWriter TC10, TC20, TC30, TC50, TC70 Cardiograph devices suffer from improper input validation and use of hard-coded credentials, the advisory noted.

With the improper input validation, the PageWriter device does not sanitize data entered by user, which can lead to buffer overflow or format string vulnerabilities, the advisory noted.

Read more at HealthIT Security

Homeland Security Today

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

See Full Bio