CVE-2020-16220

In Patient Information Center iX (PICiX) Versions C.02, C.03, 
PerformanceBridge Focal Point Version A.01, the product receives input 
that is expected to be well-formed (i.e., to comply with a certain 
syntax) but it does not validate or incorrectly validates that the input
 complies with the syntax, causing the certificate enrollment service to
 crash. It does not impact monitoring but prevents new devices from 
enrolling.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
icscertCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
Common Weakness Enumeration
References
https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01
https://www.philips.com/productsecurity
https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01
https://www.philips.com/productsecurity