Unrated severity · NVD Advisory · Published Jan 20, 2021 · Updated Jun 4, 2025

Philips Interventional Workstations OS Command Injection

CVE-2020-27298

Description

Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10). The software constructs all or part of an OS command using externally influenced input from an upstream component but does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when sent to a downstream component.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products: 6

Vulnerability mechanics

Root cause

"The software constructs all or part of an OS command using externally influenced input from an upstream component but does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when sent to a downstream component [ref_id=1]."

Attack vector

An attacker supplies externally influenced input to an upstream component of the affected Philips medical software (Interventional Workspot, Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live, or ViewForum) [ref_id=1]. Because the software fails to neutralize special elements in that input before incorporating it into an OS command, the attacker can inject arbitrary command syntax. The crafted payload is then passed to a downstream component that executes the modified OS command, enabling the attacker to achieve unintended command execution on the underlying system [ref_id=1].

Affected code

The advisory does not identify specific functions, files, or code paths [ref_id=1]. The affected products are Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), and ViewForum (Release 6.3V1L10) [ref_id=1].

What the fix does

The advisory does not include a patch diff or specific remediation code [ref_id=1]. Philips has not published a software update for this CVE in the referenced advisory archive; the advisory only describes the vulnerability class and affected product versions [ref_id=1]. Users are directed to contact their local Philips service support team for product-specific remediation guidance [ref_id=1].

Preconditions

  • input: An upstream component must accept externally influenced input that is later used to construct an OS command.
  • network: The attacker must be able to deliver the crafted input to the upstream component (network access or local access as applicable).

Generated on May 26, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References: 2
