Vulnerability Details CVE-2018-10601
IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that exposes an "echo" service, in which an attacker-sent buffer to an attacker-chosen device address within the same subnet is copied to the stack with no boundary checks, hence resulting in stack overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.5%
CVSS Severity
CVSS v3 Score 8.2
CVSS v2 Score 5.4
References
Products affected by CVE-2018-10601
-
cpe:2.3:h:philips:avalon_fetal/maternal_monitors_fm20:-
-
cpe:2.3:h:philips:avalon_fetal/maternal_monitors_fm30:-
-
cpe:2.3:h:philips:avalon_fetal/maternal_monitors_fm40:-
-
cpe:2.3:h:philips:avalon_fetal/maternal_monitors_fm50:-
-
cpe:2.3:h:philips:intellivue_mp2:-
-
cpe:2.3:h:philips:intellivue_mp30:-
-
cpe:2.3:h:philips:intellivue_mp50:-
-
cpe:2.3:h:philips:intellivue_mp70:-
-
cpe:2.3:h:philips:intellivue_mx100:-
-
cpe:2.3:h:philips:intellivue_mx400:-
-
cpe:2.3:h:philips:intellivue_mx450:-
-
cpe:2.3:h:philips:intellivue_mx500:-
-
cpe:2.3:h:philips:intellivue_mx550:-
-
cpe:2.3:h:philips:intellivue_mx700:-
-
cpe:2.3:h:philips:intellivue_mx800:-
-
cpe:2.3:h:philips:intellivue_np90:-
-
cpe:2.3:h:philips:intellivue_x2:-
-
cpe:2.3:h:philips:intellivue_x3:-
-
cpe:2.3:o:philips:avalon_fetal/maternal_monitors_fm20_firmware:-
-
cpe:2.3:o:philips:avalon_fetal/maternal_monitors_fm30_firmware:-
-
cpe:2.3:o:philips:avalon_fetal/maternal_monitors_fm40_firmware:-
-
cpe:2.3:o:philips:avalon_fetal/maternal_monitors_fm50_firmware:-
-
cpe:2.3:o:philips:intellivue_mp2_firmware:-
-
cpe:2.3:o:philips:intellivue_mp30_firmware:-
-
cpe:2.3:o:philips:intellivue_mp50_firmware:-
-
cpe:2.3:o:philips:intellivue_mp70_firmware:-
-
cpe:2.3:o:philips:intellivue_mx100_firmware:-
-
cpe:2.3:o:philips:intellivue_mx400_firmware:-
-
cpe:2.3:o:philips:intellivue_mx450_firmware:-
-
cpe:2.3:o:philips:intellivue_mx500_firmware:-
-
cpe:2.3:o:philips:intellivue_mx550_firmware:-
-
cpe:2.3:o:philips:intellivue_mx700_firmware:-
-
cpe:2.3:o:philips:intellivue_mx800_firmware:-
-
cpe:2.3:o:philips:intellivue_np90_firmware:-
-
cpe:2.3:o:philips:intellivue_x2_firmware:-
-
cpe:2.3:o:philips:intellivue_x3_firmware:-