← Voltar para CVEs
CVE-2018-14801
N/ADescricao
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, an attacker with both the superuser password and physical access can enter the superuser password that can be used to access and modify all settings on the device, as well as allow the user to reset existing passwords.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado8/22/2018
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
philips:pagewriter_tc10philips:pagewriter_tc10_firmwarephilips:pagewriter_tc20philips:pagewriter_tc20_firmwarephilips:pagewriter_tc30philips:pagewriter_tc30_firmwarephilips:pagewriter_tc50philips:pagewriter_tc50_firmwarephilips:pagewriter_tc70philips:pagewriter_tc70_firmware
Fraquezas (CWE)
CWE-798CWE-798
Referencias
http://www.securityfocus.com/bid/105103(ics-cert@hq.dhs.gov)
https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01(ics-cert@hq.dhs.gov)
https://www.usa.philips.com/healthcare/about/customer-support/product-security(ics-cert@hq.dhs.gov)
http://www.securityfocus.com/bid/105103(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01(af854a3a-2127-422b-91ae-364da2661108)
https://www.usa.philips.com/healthcare/about/customer-support/product-security(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.