CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-5451

In Philips Alice 6 System version R8.0.2 or prior, when an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or the ability to execute arbitrary code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/103537
https://ics-cert.us-cert.gov/advisories/ICSMA-18-086-01
http://www.securityfocus.com/bid/103537
https://ics-cert.us-cert.gov/advisories/ICSMA-18-086-01

Products affected by CVE-2018-5451

Philips » Alice 6 » Version: N/A

cpe:2.3:h:philips:alice_6:-
Philips » Alice 6 Firmware » Version: r8.0.2

cpe:2.3:o:philips:alice_6_firmware:r8.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5451

Products

Pricing

Contact Us