CVE-2018-8850

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not validate input properly, allowing an attacker to craft the input in a form that is not expected by the rest of the application. This would lead to parts of the unit receiving unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution.
References
Link Resource
http://www.securityfocus.com/bid/105194 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01 Mitigation Third Party Advisory US Government Resource
https://www.usa.philips.com/healthcare/about/customer-support/product-security Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:philips:e-alert_firmware:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-09-26 19:29

Updated : 2024-02-04 20:03


NVD link : CVE-2018-8850

Mitre link : CVE-2018-8850

CVE.ORG link : CVE-2018-8850


JSON object : View

Products Affected

philips

  • e-alert_firmware
CWE
CWE-20

Improper Input Validation