← Volver a CVEs
CVE-2018-14801
N/ADescripcion
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, an attacker with both the superuser password and physical access can enter the superuser password that can be used to access and modify all settings on the device, as well as allow the user to reset existing passwords.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado8/22/2018
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
philips:pagewriter_tc10philips:pagewriter_tc10_firmwarephilips:pagewriter_tc20philips:pagewriter_tc20_firmwarephilips:pagewriter_tc30philips:pagewriter_tc30_firmwarephilips:pagewriter_tc50philips:pagewriter_tc50_firmwarephilips:pagewriter_tc70philips:pagewriter_tc70_firmware
Debilidades (CWE)
CWE-798CWE-798
Referencias
http://www.securityfocus.com/bid/105103(ics-cert@hq.dhs.gov)
https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01(ics-cert@hq.dhs.gov)
https://www.usa.philips.com/healthcare/about/customer-support/product-security(ics-cert@hq.dhs.gov)
http://www.securityfocus.com/bid/105103(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01(af854a3a-2127-422b-91ae-364da2661108)
https://www.usa.philips.com/healthcare/about/customer-support/product-security(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.