CVE-2018-14789
N/A
N/A
Summary
In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior), an unquoted search path or element vulnerability has been identified, which may allow an attacker to execute arbitrary code and escalate their level of privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Philips | IntelliSpace Cardiovascular (ISCV) products | IntelliSpace Cardiovascular, Version 3.1 or prior | affected |
| Philips | IntelliSpace Cardiovascular (ISCV) products | Xcelera Version 4.1 or prior | affected |
Weaknesses
- CWE-428: UNQUOTED SEARCH PATH OR ELEMENT CWE-428
ADP Enrichment
CVE Program Container
Additional References
- https://www.usa.philips.com/healthcare/about/customer-support/product-security
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-226-01
References
- https://www.usa.philips.com/healthcare/about/customer-support/product-security
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-226-01
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.