Philips Discloses Vulnerability in DreamMapper Mobile App Software

Jessica Davis

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency released an advisory on a medium-severity vulnerability found in Philips’ DreamMapper software. A successful exploit could allow an attacker to access log file information containing descriptive error messages.

The DreamMapper mobile app is a personalized therapy adherence tool used to manage sleep apnea.

Security researchers Lutz Weimann, Tim Hirschberg, Issam Hbib, and Florian Mommertz of SRC Security Research & Consulting GmbH first reported the vulnerability to CISA.

The vulnerability is found in versions 2.24 and earlier and could be exploited remotely with low-level skill. If exploited, an attacker could access...

Get the Morning Update

Thanks for subscribing!