Overview
Philips has released a security advisory that addresses 13 vulnerabilities in the Philips Vue Picture Archiving and Communication System (PACS) image-management platform. Successful exploitation of these vulnerabilities could allow an unauthorised attacker to eavesdrop, view or modify data, gain system access, perform code execution, install unauthorised software, or affect system data integrity to negatively impact system confidentiality, integrity, or availability. Philips has not received any reports of patient harm, exploitation of these issues, or incidents from clinical use.
SolarWinds has released thirteen security advisories that address eight critical and five high severity vulnerabilities. Some of these vulnerabilities relate to remote code execution (RCE), information disclosure, authentication bypass, and arbitrary file deletion.
Ivanti has disclosed four vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. The advisory addresses three high severity vulnerabilities and one medium severity. Ivanti EPMM is a mobile management software engine that enables IT to set policies for mobile devices, applications, and content.
Cisco has released advisories covering multiple products including two critical vulnerabilities, three high, and four medium severity. The two critical vulnerabilities are known as CVE-2024-20419 and CVE-2024-20401.
Recommended Action
Organisations are encouraged to review the appropriate security advisory pages and apply the updates:
Phillips – Phillips Security Advisories
Solarwinds – Release Notes
Ivanti – Security Advisory
Cisco – Security Advisories
If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.