CVE-2018-14801

Sažetak

In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, an attacker with both the superuser password and physical access can enter the superuser password that can be used to access and modify all settings on the device, as well as allow the user to reset existing passwords.

Reference

http://www.securityfocus.com/bid/105103
https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01
https://www.usa.philips.com/healthcare/about/customer-support/product-security

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

09-10-2019 - 23:35

Objavljeno

22-08-2018 - 18:29