Critical Vulnerability: Hard-coded Cryptographic Key Exposes Patient Information in PIC iX Versions B.02, C.02, and C.03

Critical Vulnerability: Hard-coded Cryptographic Key Exposes Patient Information in PIC iX Versions B.02, C.02, and C.03

CVE-2021-43552 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03.

Learn more about our Web Application Penetration Testing UK.