CVE-2021-33020 — Vulnetix

CVE-2021-33020 PUBLISHED CVSS 8.199999809265137 HIGH

Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key.

EPSS 0.22% · 44.5th percentile

Risk Scores

CVSS v3.1

8.199999809265137

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

EPSS Score

0.22%

44.5th percentile

Affected Products

Vendor	Product	Versions
Philips	Vue Motion	unspecified
philips	myvue	0
philips	speech	0
Philips	Vue Speech	unspecified
Philips	Vue PACS	unspecified
Philips	Vue MyVue	unspecified
philips	vue_pacs	0
philips	vue_motion	0

Timeline

Apr 1, 2022 CVE Published
Apr 2, 2022 EPSS Score
May 23, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 2, 2022 EPSS Score
Oct 22, 2022 EPSS Score
Dec 12, 2022 EPSS Score
Jan 31, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 23, 2023 EPSS Score
May 12, 2023 EPSS Score
Jul 2, 2023 EPSS Score

References

https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01 url
http://www.philips.com/productsecurity url
https://nvd.nist.gov/vuln/detail/CVE-2021-33020 advisory

Open in Interactive Console →