Remote Code Execution Vulnerability in Philips IntelliSpace Portal
CVE-2018-5454

8.1HIGH

Key Information:

Vendor: Philips
Status: Philips Intellispace Portal
Vendor: CVE Published:; 26 March 2018

🔔 Create Philips Vulnerability Alert

What is CVE-2018-5454?

The Philips IntelliSpace Portal 8.0.x and 7.0.x versions are susceptible to a vulnerability due to the enabling of code debugging methods. This flaw may enable a remote attacker to execute arbitrary code during runtime, potentially compromising the integrity and security of the system.

Affected Version(s)

Philips IntelliSpace Portal 8.0.x

Philips IntelliSpace Portal 7.0.x

References

https://www.usa.philips.com/healthcare/about/customer-sup...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/103182

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2018
Vulnerability Reserved
Jan 12, 2018

.