Events

Safety Alert for Xper Information Management system components and Calysto system components

According to Department of Health, this safety alert involved a device in Hong Kong that was produced by Philips Healthcare.

What is this?

Alerts provide important information and recommendations about products. Even though an alert has been issued, it does not necessarily mean a product is considered to be unsafe. Safety Alerts, addressed to health workers and users, may include recalls. They can be written by manufacturers, but also by health officials.

Learn more about the data here
  • Type of Event
    Safety alert
  • Date
    2013-03-07
  • Event Date Posted
    2013-03-07
  • Event Country
    Hong Kong
  • Event Source
    DH
  • Event Source URL
    https://www.mdco.gov.hk/english/safety/recalls/recalls_20130307.html
  • Notes / Alerts
    Hong Kong data is current through September 2018. All of the data comes from the Department of Health (Hong Kong), except for the categories Manufacturer Parent Company and Product Classification.
    The Parent Company and the Product Classification were added by ICIJ.
    The parent company information is based on 2017 public records. The device classification information comes from FDA’s Product Classification by Review Panel, based on matches of data from the U.S. and Hong Kong.
  • Extra notes in the data
    Medical Device Safety Alert
  • Reason
    Medical device field corrective action: philips xper information management system components and calysto system components medical device manufacturer,philips healthcare has initiated a medical device field correction action concerning all xper information management system components and calysto system components installed after january 2008. philips healthcare has become aware that certain default passwords loaded on a number of our devices at the factory have been recently disclosed to the general public by security researchers. if passwords for the workstation or server hosting the software are unchanged following installation, there exists the possibility of access to the operating system of the device. this could enable an unauthorized user to gain control of the operating system of the workstation and server supporting the patient monitoring system. the security researchers also demonstrated a network based heap overflow vulnerability in the xper connect broker component on port 6000 of the device. although the exploit code has not been publicly disclosed, philips healthcare is currently working on resolutions to this issue. as a temporary measure, this port can be safely firewalled to eliminate any immediate threat. the manufacturer advises users to alert the service account(s) per the facility it security protocols and contact the local philips service organization to let them know about any changes to the service account the users may have alerted or created. according to the local supplier, the affected products were distributed in hong kong. if you are in possession of the affected product, please contact your supplier for necessary actions. posted on 7 march 2013.

Device

Xper Information Management system components and Calysto system components
  • Model / Serial
  • Product Description
    Medical Device Safety Alert: Philips Xper Information Management system components and Calysto system components
  • Manufacturer
    Philips Healthcare

Manufacturer

Philips Healthcare
  • Manufacturer Parent Company (2017)
    Philips
  • Source
    DH