Philips warns of potential security vulnerabilities in some ultrasound software

Royal Philips issued a security alert on Wednesday, warning customers of possible vulnerabilities in its ultrasound software.

The Amsterdam-based imaging giant cautioned that unauthorized personnel may be able to bypass authentication protocols but labeled the security risk as “low severity.” Customers have not reported any instances of hackers using this weakness to affect clinical care.

“This potential issue requires local access to an affected system and a high skill level to exploit,” the company wrote June 24, noting that the only of such hacking would be the enabling of features not included with system purchase. “Philips’ analysis indicates that this is not a device safety issue, and there is no expectation of patient hazard,” it added later.

The warning applies only to its Ultrasound ClearVue versions 3.2 and prior, Ultrasound CX versions 5.0.2 and prior, Ultrasound EPIQ and Affiniti versions VM5.0 and prior, Ultrasound Sparq version 3.0.2 and prior, and Ultrasound Xperius.

Philips said it is working to release software updates to address this vulnerability across all of the aforementioned systems. In the meantime, it recommends making sure that servicers can “guarantee installed device integrity” during their repair operations.

Marty Stempniak

Marty Stempniak has covered healthcare since 2012, with his byline appearing in the American Hospital Association's member magazine, Modern Healthcare and McKnight's. Prior to that, he wrote about village government and local business for his hometown newspaper in Oak Park, Illinois. He won a Peter Lisagor and Gold EXCEL awards in 2017 for his coverage of the opioid epidemic. 

Around the web

The patient, who was being cared for in the ICU, was not accompanied or monitored by nursing staff during his exam, despite being sedated.

The nuclear imaging isotope shortage of molybdenum-99 may be over now that the sidelined reactor is restarting. ASNC's president says PET and new SPECT technologies helped cardiac imaging labs better weather the storm.

CMS has more than doubled the CCTA payment rate from $175 to $357.13. The move, expected to have a significant impact on the utilization of cardiac CT, received immediate praise from imaging specialists.