CVE-2018-8842

Summary

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. The Philips e-Alert communication channel is not encrypted which could therefore lead to disclosure of personal contact information and application login credentials from within the same subnet.

Affected Software

VendorProductVersion RangeStatus
Philipse-Alert Unit (non-medical device)R2.1 and prioraffected

Weaknesses

  • CWE-319: CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319

ADP Enrichment

CVE Program Container

Additional References

References