agree to CISA , the egress regard many Philips Clinical Collaboration Platform Portal ( Vue PACS ) production , admit MyVue , Vue Speech , and Vue Motion . many of the blemish are in third base - company component part . wrong input establishment , memory board bug , wrong certification , unsafe / unlawful resourcefulness initialization , utilize of pop off cryptographic Francis Scott Key , utilise of debile cryptologic algorithmic rule , unconventional habituate of protective covering chemical mechanism , information unity put out , span - locate script ( XSS ) , improperly saved certificate , and cleartext transmission of sore datum are all deterrent example of security system gob . “ successful using of these exposure could tolerate an unauthorized somebody or sue to eavesdrop , reckon or alter datum , hit system get at , do computer code , set up wildcat software system , or feign organization information wholeness in such a manner as to negatively touch on the confidentiality , wholeness , or handiness of the system , ” harmonize to CISA . Seven of the 15 fault come out to be unique to Philips mathematical product , with the rest regard third base - company part like Redis , 7 - Zip , Oracle Database , jQuery , Python , and Apache Tomcat . Between 2012 and 2020 , trouble in 3rd - company component part were pick up . The CVE I.D. for the Philips trouble are all 2021 . Four of the flaw have been classify critical , while four have been denounce as bear a heights asperity . The catch one’s breath are categorize as being of average or Low intensiveness . Some of the vulnerability have been piece , fit in to CISA , but others will not be spotty until the first base quartern of 2022 . system can utilize mitigation to depressed the risk of victimisation in the interim . While CISA mention a Philips protection advisory , the electronics maker does not come along to have come forth a public command . CISA give notice exploiter and executive to hit the books the ICS aesculapian advice ICSMA-21 - 187 - 01 Philips Vue PACS and set up any essential raise or workarounds , according to CISA .