Identity Claim Validation Flaw in Philips SureSigns VS4
CVE-2020-16239

4.9MEDIUM

Key Information:

Vendor: Philips
Status: Philips Suresigns Vs4
Vendor: CVE Published:; 21 August 2020

Summary

The Philips SureSigns VS4 suffers from a vulnerability that allows an attacker to impersonate legitimate identities due to inadequate validation of identity claims. This flaw may enable unauthorized access and manipulation of sensitive data, posing risks to system integrity and confidentiality. Users of the affected products are advised to implement necessary security measures and stay updated with vendor patches to mitigate exploitation risks.

Affected Version(s)

Philips SureSigns VS4 A.07.107 and prior

References

https://us-cert.cisa.gov/ics/advisories/icsma-20-233-01

x_refsource_MISC

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 21, 2020
Vulnerability Reserved
Jul 31, 2020