Alerta De Seguridad para Xper Information Management system components and Calysto system components

Según Department of Health, este evento ( alerta de seguridad ) involucró a un dispositivo médico en Hong Kong que fue producido por Philips Healthcare.

¿Qué es esto?

Las alertas proporcionan información importante y recomendaciones sobre los productos. Aunque se haya emitido una alerta, esto no significa necesariamente que el producto se considera peligroso. Las alertas de seguridad, dirigidas a trabajadores de la salud y a usuarios, pueden incluir retiro de equipos. Pueden ser escritas por los fabricantes, pero también por funcionarios del área de salud.

Más información acerca de la data acá
  • Tipo de evento
    Safety alert
  • Fecha
    2013-03-07
  • Fecha de publicación del evento
    2013-03-07
  • País del evento
  • Fuente del evento
    DH
  • URL de la fuente del evento
  • Notas / Alertas
    Hong Kong data is current through September 2018. All of the data comes from the Department of Health (Hong Kong), except for the categories Manufacturer Parent Company and Product Classification.
    The Parent Company and the Product Classification were added by ICIJ.
    The parent company information is based on 2017 public records. The device classification information comes from FDA’s Product Classification by Review Panel, based on matches of data from the U.S. and Hong Kong.
  • Notas adicionales en la data
    Medical Device Safety Alert
  • Causa
    Medical device field corrective action: philips xper information management system components and calysto system components medical device manufacturer,philips healthcare has initiated a medical device field correction action concerning all xper information management system components and calysto system components installed after january 2008. philips healthcare has become aware that certain default passwords loaded on a number of our devices at the factory have been recently disclosed to the general public by security researchers. if passwords for the workstation or server hosting the software are unchanged following installation, there exists the possibility of access to the operating system of the device. this could enable an unauthorized user to gain control of the operating system of the workstation and server supporting the patient monitoring system. the security researchers also demonstrated a network based heap overflow vulnerability in the xper connect broker component on port 6000 of the device. although the exploit code has not been publicly disclosed, philips healthcare is currently working on resolutions to this issue. as a temporary measure, this port can be safely firewalled to eliminate any immediate threat. the manufacturer advises users to alert the service account(s) per the facility it security protocols and contact the local philips service organization to let them know about any changes to the service account the users may have alerted or created. according to the local supplier, the affected products were distributed in hong kong. if you are in possession of the affected product, please contact your supplier for necessary actions. posted on 7 march 2013.

Device

  • Modelo / Serial
  • Descripción del producto
    Medical Device Safety Alert: Philips Xper Information Management system components and Calysto system components
  • Manufacturer

Manufacturer

  • Empresa matriz del fabricante (2017)
  • Source
    DH