CVE-2021-27493

Name of the Vulnerable Software and Affected Versions Philips Vue PACS versions 12.2.x.x and prior

Description The issue arises from the software not ensuring or incorrectly ensuring that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

Recommendations For Philips Vue PACS versions 12.2.x.x and prior, consider restricting access to upstream and downstream components until a patch is available. As a temporary workaround, ensure that all data exchanged with the Philips Vue PACS is thoroughly validated to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.