CVE-2020-14477 - Vulnerability Details

In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternate path or channel that does not require authentication of the alternate service login to view or modify information.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00028.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Philips

Ultrasound ClearVue

unaffected

Version	Status	Constraints
`0`	affected	< versions 3.2

Philips

Ultrasound CX

unaffected

Version	Status	Constraints
`0`	affected	< versions 5.0.2

Philips

Ultrasound EPIQ/Affiniti

unaffected

Version	Status	Constraints
`0`	affected	< versions VM5.0

Philips

Ultrasound Sparq

unaffected

Version	Status	Constraints
`0`	affected	< version 3.0.2

Philips

Ultrasound Xperius

unaffected

Version	Status	Constraints
`all versions`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:philips:clearvue_850_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:philips:clearvue_850:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:philips:clearvue_350_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:philips:clearvue_350:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:philips:cx50_firmware:5.0.2:*:*:*:*:*:*:*

cpe:2.3:h:philips:cx50:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:philips:affiniti_70_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:philips:affiniti_70:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:philips:affiniti_50_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:philips:affiniti_50:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:philips:epiq_7_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:philips:epiq_7:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:philips:sparq_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:philips:sparq:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:philips:xperius_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:philips:xperius:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Philips Subscribe	Affiniti 50 Subscribe Affiniti 50 Firmware Subscribe Affiniti 70 Subscribe Affiniti 70 Firmware Subscribe Clearvue 350 Subscribe Clearvue 350 Firmware Subscribe Clearvue 850 Subscribe Clearvue 850 Firmware Subscribe Cx50 Subscribe Cx50 Firmware Subscribe Epiq 7 Subscribe Epiq 7 Firmware Subscribe Sparq Subscribe Sparq Firmware Subscribe Xperius Subscribe Xperius Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2020-6613	In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternate path or channel that does not require authentication of the alternate service login to view or modify information.

Fixes

Solution

Philips released Ultrasound EPIQ/Affiniti Version VM6.0 in April 2020 and recommends users with the Ultrasound EPIQ/Affiniti systems to contact their local Philips service support team, or regional service support for installation information. Philips is currently planning the following new releases: * Ultrasound ClearVue Version 3.3 release in Q4 2020 * Ultrasound CX Version 5.0.3 release in Q4 2020 * Ultrasound Sparq Version 3.0.3 release in Q4 2020 As an interim mitigation to this vulnerability, Philips recommends customers ensure service providers can guarantee installed device integrity during all service and repair operations. Users with questions regarding their specific Ultrasound installation should contact the Philips service support team or regional service support. Users can contact Philips customer service https://www.usa.philips.com/healthcare/solutions/customer-service-solutions , and find more details in the Philips advisory http://www.philips.com/productsecurity (external link). Please see the Philips product security website http://www.philips.com/productsecurity for the latest security information for Philips products.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.us-cert.gov/ics/advisories/icsma-20-177-01

History

Wed, 04 Jun 2025 22:00:00 +0000

Type	Values Removed	Values Added
Title		Philips Ultrasound Systems Authentication Bypass Using an Alternate Path or Channel
Metrics	cvssV3_1 `{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N'}`	cvssV3_1 `{'score': 3.6, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2020-06-26T16:15:14

Updated: 2025-06-04T21:56:59.294Z

Reserved: 2020-06-19T00:00:00

Link: CVE-2020-14477

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-06-26T17:15:10.280

Modified: 2025-06-04T22:15:22.960

Link: CVE-2020-14477

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object