Vulnerability Details CVE-2018-14799
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. This can lead to buffer overflow or format string vulnerabilities.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.1%
CVSS Severity
CVSS v3 Score 3.7
CVSS v2 Score 4.6
References
- http://www.securityfocus.com/bid/105103
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01
- https://www.usa.philips.com/healthcare/about/customer-support/product-security
- http://www.securityfocus.com/bid/105103
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01
- https://www.usa.philips.com/healthcare/about/customer-support/product-security
Products affected by CVE-2018-14799
-
cpe:2.3:h:philips:pagewriter_tc10:-
-
cpe:2.3:h:philips:pagewriter_tc20:-
-
cpe:2.3:h:philips:pagewriter_tc30:-
-
cpe:2.3:h:philips:pagewriter_tc50:-
-
cpe:2.3:h:philips:pagewriter_tc70:-
-
cpe:2.3:o:philips:pagewriter_tc10_firmware:-
-
cpe:2.3:o:philips:pagewriter_tc20_firmware:-
-
cpe:2.3:o:philips:pagewriter_tc30_firmware:-
-
cpe:2.3:o:philips:pagewriter_tc50_firmware:-
-
cpe:2.3:o:philips:pagewriter_tc70_firmware:-