Severity

High

Analysis Summary

CVE-2021-3083

The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CVE-2021-3085

The software assigns an owner who is outside the intended control sphere to a resource.

CVE-2021-3084

The product exposes sensitive information to an actor not explicitly authorized to have access.

Impact

• Exposure of Sensitive Data
• Unauthorized Access

Affected Vendors

• Philips

Affected Products

• MRI 1.5T: Version 5.x.x
• MRI 3T: Version 5.x.x

Remediation

Refer to CISA Advisory for the patch, upgrade, or suggested workaround information.