CVE-2023-40704

Summary

The product does not require unique and complex passwords to be created during installation. Using Philips's default password could jeopardize the PACS system if the password was hacked or leaked. An attacker could gain access to the database impacting system availability and data integrity.

Affected Software

VendorProductVersion RangeStatus
PhilipsVue PACS0 < 12.2.8.410affected

Weaknesses

  • CWE-1392: CWE-1392 Use of Default Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References