CVE-2020-16214

EUVD-2020-8180
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the 
software saves user-provided information into a comma-separated value 
(CSV) file, but it does not neutralize or incorrectly neutralizes 
special elements that could be interpreted as a command when the file is
 opened by spreadsheet software.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
Common Weakness Enumeration
References
https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01
https://www.philips.com/productsecurity
https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01
https://www.philips.com/productsecurity