Is CVE-2020-16220 actively exploited?

CVE-2020-16220 has no public evidence of in-the-wild exploitation as of 2026-02-23.

What is the CVSS score for CVE-2020-16220?

CVE-2020-16220 has a CVSS score of 4.3 (MEDIUM severity). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L.

How do I patch CVE-2020-16220?

Patch guidance is available from philips security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2020-16220.

CVE-2020-16220 - remediation guidance & executive summary

Q: Which products are affected by CVE-2020-16220?

4 products: philips patient information center ix, philips patient information center ix, philips patient information center ix, philips performancebridge focal point.

Description

In Patient Information Center iX (PICiX) Versions C.02, C.03, PerformanceBridge Focal Point Version A.01, the product receives input that is expected to be well-formed (i.e., to comply with a certain syntax) but it does not validate or incorrectly validates that the input complies with the syntax, causing the certificate enrollment service to crash. It does not impact monitoring but prevents new devices from enrolling.

CVSS Metrics

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector: adjacent network
Complexity: low
Privileges: none
User Action: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: low
Weaknesses: CWE-1286

Metadata

Primary Vendor: PHILIPS
Published: 9/11/2020
Last Modified: 2/23/2026
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

philips : patient_information_center_ixphilips : patient_information_center_ixphilips : patient_information_center_ixphilips : performancebridge_focal_point

Remediation Guidance

Executive Summary

Cite this page

CVE-2020-16220. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2020-16220

View on NIST NVD

CVE-2020-16220 vulnerability