CRITICAL🇬🇧 English

CVE-2018-8850

CVSS 9.8v3.0pub. 2018-09-26upd. 2024-11-21

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not validate input properly, allowing an attacker to craft the input in a form that is not expected by the rest of the application. This would lead to parts of the unit receiving unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Philips E Alert Firmware

    OS
    Philips
    ≤ r2.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2018-8856CRITICAL9.8ten sam produkt

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard-coded cryptograp...

CVE-2018-8854HIGH7.5ten sam produkt

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not properly restrict the...

CVE-2018-8842HIGH8.8ten sam produkt

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software transmits sensitive or securit...

CVE-2018-8844HIGH8.8ten sam produkt

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The web application does not, or cannot, su...

CVE-2018-8848HIGH7.5ten sam produkt

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software, upon installation, sets incor...