On November 18th, five vulnerabilities were identified affecting Philips devices. The alert was split into two advisories and affects the Philips Patient Information Center (PIC), IntelliBridge bedside modules, and Efficia Patient Monitors. Exploitation could allow attackers to access patient data, modify system configurations, launch denial-of-service attacks, and more. For additional information, see the following links: ICSMA-21-322-01, ICSMA-21-322-02.


Affected devices

  • Philips Patient Information Center iX, Patient Monitor Gateway: Versions B.02, C.02, C.03
  • Efficia CM Series, Patient Monitors: Revisions A.01 to C.0x and 4.0
  • IntelliBridge EC 40 and 80 Hub, Medical Device Integrator: Version C.00.04 and prior


Medigate is reporting these vulnerabilities in the Threat Intel feed and flagging affected devices for users in the dashboard.



Philips released remediation steps for one of the CVEs (CVE-2021-43548) in Q3 2021 in PIC iX C.03.06. They plan to provide software upgrades for the rest of the vulnerabilities by the end of 2021 or early 2022. Until then, they recommend applying the mitigation steps listed in the advisories above. Philips is evaluating the work needed for the second PIC iX, IntelliBridge, and Efficia vulnerabilities.


What can you do about it?

  • Identify and locate all impacted devices in your environment
  • Segment your network to contain risks. Consider segmenting and isolating potentially affected devices to minimize the impact of exploitation.
  • Install software upgrade C.03.06 for the affected Philips PIC iX devices
  • Observe segmented traffic for anomalies until the rest of the patches are available


As always, reach out to the Medigate team for further information or assistance in remediation.


To learn more about the Medigate Research Labs and our Threat Intel Feed, visit medigate.io.