CVE-2021-27493

Summary

Philips Vue PACS versions 12.2.x.x and prior does not ensure or incorrectly ensures structured messages or data are well formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

Affected Software

VendorProductVersion RangeStatus
PhilipsVue PACSunspecified <= 12.2.x.xaffected
PhilipsVue MyVueunspecified <= 12.2.x.xaffected
PhilipsVue Speechunspecified <= 12.2.x.xaffected
PhilipsVue Motionunspecified <= 12.2.1.5affected

Weaknesses

  • CVE-707 - Improper Neutralization

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References