CVE-2018-14801
N/A
N/A
Summary
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, an attacker with both the superuser password and physical access can enter the superuser password that can be used to access and modify all settings on the device, as well as allow the user to reset existing passwords.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Philips | PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs | All versions prior to May 2018. | affected |
Weaknesses
- CWE-798: USE OF HARD-CODED CREDENTIALS CWE-798
ADP Enrichment
CVE Program Container
Additional References
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01
- https://www.usa.philips.com/healthcare/about/customer-support/product-security
- http://www.securityfocus.com/bid/105103
References
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01
- https://www.usa.philips.com/healthcare/about/customer-support/product-security
- http://www.securityfocus.com/bid/105103
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.