← Back to CVEs
CVE-2018-14801
N/ADescription
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, an attacker with both the superuser password and physical access can enter the superuser password that can be used to access and modify all settings on the device, as well as allow the user to reset existing passwords.
CVE Details
CVSS v3.1 ScoreN/A
Published8/22/2018
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
philips:pagewriter_tc10philips:pagewriter_tc10_firmwarephilips:pagewriter_tc20philips:pagewriter_tc20_firmwarephilips:pagewriter_tc30philips:pagewriter_tc30_firmwarephilips:pagewriter_tc50philips:pagewriter_tc50_firmwarephilips:pagewriter_tc70philips:pagewriter_tc70_firmware
Weaknesses (CWE)
CWE-798CWE-798
References
http://www.securityfocus.com/bid/105103(ics-cert@hq.dhs.gov)
https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01(ics-cert@hq.dhs.gov)
https://www.usa.philips.com/healthcare/about/customer-support/product-security(ics-cert@hq.dhs.gov)
http://www.securityfocus.com/bid/105103(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01(af854a3a-2127-422b-91ae-364da2661108)
https://www.usa.philips.com/healthcare/about/customer-support/product-security(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.