CVE-2023-40704

6.8 MEDIUM

📋 TL;DR

This vulnerability in Philips PACS systems allows attackers to gain unauthorized access by exploiting weak default passwords. It affects healthcare organizations using vulnerable Philips Picture Archiving and Communication System installations. Compromise could lead to database access, system disruption, and patient data integrity issues.

💻 Affected Systems

Products:
  • Philips Picture Archiving and Communication System (PACS)
Versions: Specific versions not detailed in advisory; all installations with default passwords are vulnerable
Operating Systems: Not specified, likely multiple
Default Config Vulnerable: ⚠️ Yes
Notes: Systems still using Philips's default installation passwords are vulnerable. These are medical imaging systems deployed in healthcare environments.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise allowing database manipulation, patient data theft/modification, and denial of service to critical medical imaging systems.

🟠 Likely Case: Unauthorized access to sensitive patient data and potential system availability issues if passwords are discovered through brute force or credential leaks.

🟢 If Mitigated: Minimal impact with strong password policies, regular credential rotation, and proper network segmentation in place.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires knowledge of the default credentials but is trivial once they are obtained. No authentication bypass is needed if the default passwords are unchanged.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: N/A

Vendor Advisory: http://www.philips.com/productsecurity

Restart Required: No

Instructions:

1. Change all default passwords to strong, unique credentials
2. Implement password policies requiring complexity and regular rotation
3. Review Philips security advisory for specific guidance

🔧 Temporary Workarounds

Password Policy Enforcement (all platforms)

Implement and enforce strong password policies across all PACS system accounts

Network Segmentation (all platforms)

Isolate PACS systems from general network access and implement strict firewall rules

🧯 If You Can't Patch

  • Implement multi-factor authentication if supported
  • Deploy network monitoring and intrusion detection specifically for PACS system access patterns

🔍 How to Verify

Check if Vulnerable:

Review system configuration to verify if default Philips installation passwords are still in use. Check password policies and complexity requirements.

Check Version:

Consult Philips documentation for version-specific commands; the version is typically available through the system administration interface

Verify Fix Applied:

Confirm all default passwords have been changed to strong, unique credentials. Verify password policies are enforced.

📡 Detection & Monitoring

Log Indicators:

  • Failed authentication attempts
  • Successful logins from unusual locations/times
  • Multiple login attempts with default credentials

Network Indicators:

  • Unexpected database access patterns
  • Unusual network traffic to/from PACS systems

SIEM Query:

source="pacs_logs" AND (event_type="authentication" AND (result="failure" OR user="default_user"))
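
The query above matches every failure and every event for the default account; the added example below (not Philips or vendor code) applies the same fields offline and separates a successful default-account login from a failed attempt, plus a per-source failure burst. The JSON-lines format, the `ts` and `src` field names, the threshold and window are assumptions, the sample events are constructed, and `default_user` is the placeholder account name from the query.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta

# "default_user" is the placeholder from the query above; list the account names your installation shipped with.
DEFAULT_ACCOUNTS = {"default_user"}
FAILURE_THRESHOLD = 3            # assumed: failures from one source inside WINDOW
WINDOW = timedelta(minutes=5)    # assumed burst window

# Constructed sample events, one JSON object per line ("ts" and "src" are assumed field names).
SAMPLE_LOG = """\
{"ts": "2024-01-10T02:14:01", "event_type": "authentication", "user": "radtech1", "src": "10.20.0.15", "result": "failure"}
{"ts": "2024-01-10T02:14:09", "event_type": "authentication", "user": "radtech1", "src": "10.20.0.15", "result": "failure"}
{"ts": "2024-01-10T02:14:17", "event_type": "authentication", "user": "radtech1", "src": "10.20.0.15", "result": "failure"}
{"ts": "2024-01-10T02:20:00", "event_type": "query", "user": "radtech2", "src": "10.20.0.21", "result": "success"}
{"ts": "2024-01-10T03:02:10", "event_type": "authentication", "user": "default_user", "src": "10.20.0.99", "result": "failure"}
{"ts": "2024-01-10T03:02:31", "event_type": "authentication", "user": "default_user", "src": "10.20.0.99", "result": "success"}
{"ts": "2024-01-10T08:00:00", "event_type": "authentication", "user": "radtech2", "src": "10.20.0.21", "result": "success"}
"""

def detect(lines):
    """Return (kind, src, user, ts) alerts for authentication events in JSON-lines input."""
    alerts, failures = [], defaultdict(list)
    for line in lines:
        try:
            ev = json.loads(line)
            ts = datetime.fromisoformat(ev["ts"])
        except (ValueError, KeyError, TypeError):
            continue  # skip malformed lines and events without a usable timestamp
        if ev.get("event_type") != "authentication":
            continue
        user, src, result = ev.get("user"), ev.get("src"), ev.get("result")
        if user in DEFAULT_ACCOUNTS:
            # Any use of a default account is worth an alert; a success means the password was never changed.
            kind = "default_account_login" if result == "success" else "default_account_attempt"
            alerts.append((kind, src, user, ev["ts"]))
        if result == "failure":
            # Keep only this source's failures that fall inside the sliding window.
            recent = [t for t in failures[src] if ts - t <= WINDOW] + [ts]
            failures[src] = recent
            if len(recent) >= FAILURE_THRESHOLD:
                alerts.append(("failure_burst", src, user, ev["ts"]))
                failures[src] = []  # reset so one burst raises one alert
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert)
```
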
