Philips—Systems Using Apache HTTP Server​: May Have Cybersecurity Vulnerabilities

December 15, 2021 | Strategic Insights for Health System


ECRI's complete weekly summary of medical device hazard and recall information is available in ECRI's Health Device Alerts. For more information contact us at

Problem:In a December 10, 2021, Security Advisory, Philips states that it is monitoring developments and updates related to recently released reports that confirm an active exploitation of a previously fixed server-side request forgery vulnerability (CVE-2021-40438) in Apache's HTTP Server. The vulnerability affects HTTP Server versions 2.4.48 and earlier. The manufacturer has not confirmed the...

Access Full Content

Contact us today at 610.825.6000.

Related Tags