VDB
ICSMA-21-187-01
ICSMA-21-187-01
PUBLISHED
CVSS 9.800000190734863 CRITICAL
Successful exploitation of these vulnerabilities could allow an unauthorized person or process to eavesdrop, view or modify data, gain system access, perform code execution, install unauthorized software, or affect system data integrity in such a way as to negatively impact the confidentiality, integrity, or availability of the system.
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vue PACS: Versions 12.2.x.x and prior | ||
| Vue MyVue: Versions 12.2.x.x and prior | ||
| Vue Motion: Versions 12.2.1.5 and prior | ||
| Vue Speech: Versions 12.2.x.x and prior |
Timeline
- Jul 6, 2021 CVE Published
- Apr 5, 2022 CVE Updated
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsma-21-187-01.json advisory
- https://www.cisa.gov/news-events/ics-medical-advisories/icsma-21-187-01 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url
- https://incenter.medical.philips.com/ fix
- https://eservice.philips.com/Account/Login?returnUrl=%2F fix
- http://www.philips.com/productsecurity fix
- https://www.philips.com/productsecurity fix