| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In Patient Information Center iX (PICiX) Versions C.02 and C.03,
PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors
MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and
prior, the software does not check or incorrectly checks the revocation
status of a certificate, which may cause it to use a compromised
certificate. |
| In Patient Information Center iX (PICiX) Versions C.02, C.03, the
software parses a formatted message or structure but does not handle or
incorrectly handles a length field that is inconsistent with the actual
length of the associated data, causing the application on the
surveillance station to restart. |
| In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and
PerformanceBridge Focal Point Version A.01, when an actor claims to have
a given identity, the software does not prove or insufficiently proves
the claim is correct. |
| In Patient Information Center iX (PICiX) Versions C.02, C.03,
PerformanceBridge Focal Point Version A.01, the product receives input
that is expected to be well-formed (i.e., to comply with a certain
syntax) but it does not validate or incorrectly validates that the input
complies with the syntax, causing the certificate enrollment service to
crash. It does not impact monitoring but prevents new devices from
enrolling. |
| In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the
software does not neutralize or incorrectly neutralizes
user-controllable input before it is placed in output that is then used
as a webpage and served to other users. Successful exploitation could
lead to unauthorized access to patient data via a read-only web
application. |
| In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750,
MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior,
the product receives input or data but does not validate or incorrectly
validates that the input has the properties required to process the data
safely and correctly, which can induce a denial-of-service condition
through a system restart. |
| In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the
software saves user-provided information into a comma-separated value
(CSV) file, but it does not neutralize or incorrectly neutralizes
special elements that could be interpreted as a command when the file is
opened by spreadsheet software. |
| Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." |
| The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148. |
| The product does not require unique and complex passwords to be created
during installation. Using Philips's default password could jeopardize
the PACS system if the password was hacked or leaked. An attacker could
gain access to the database impacting system availability and data
integrity. |
| The IntelliSpace portal application utilizes .NET
Remoting for its functionality. The vulnerability arises from the exploitation
of port 755 through the "Object Marshalling" technique, which allows
an attacker to read internal files without any authentication. This is possible
by crafting specific .NET Remoting URLs derived from information enumerated in
the client-side configuration files.
This issue affects IntelliSpace Portal: 12 and prior. |
| The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the deserialization vulnerability. After analyzing the configuration files, we observed that the server had set the TypeFilterLevel to Full which is dangerous as it can potentially lead to remote code execution using deserialization. This issue affects IntelliSpace Portal: 12 and prior. |
| We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-engineer the application to gain insights into its internal workings, which can potentially lead to the discovery of sensitive information, business logic flaws, and other vulnerabilities.
Utilizing this flaw, the attacker was able to identify the Hardcoded credentials from PortalUsersDatabase.dll, which contains .NET remoting definition. Inside the namespace PortalUsersDatabase, the class Users contains the functions CreateAdmin and CreateService that are used to initialize accounts in the Portal service. Both CreateAdmin and CreateService functions contain a hardcoded encrypted password along with its respective salt that are set with the function SetInitialPasswordAndSalt.
This issue affects IntelliSpace Portal: 12 and prior; Advanced Visualization Workspace: 15. |
| Clinical Collaboration Platform 12.2.1.5 has a weak logout system where the session token remains valid after logout and allows a remote attacker to obtain sensitive information and execute arbitrary code. |
| An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the usertoken function of default.aspx. |
| An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the session management component. |
| Philips Clinical Collaboration Platform, Versions 12.2.1 and prior,
exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. |
| Philips SureSigns VS4, A.07.107 and prior
does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| When an actor claims to have a given identity,
Philips SureSigns VS4, A.07.107 and prior
does not prove or insufficiently proves the claim is correct. |
| Philips SureSigns VS4, A.07.107 and prior receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly. |
