Identity Claim Validation Flaw in Philips SureSigns VS4
CVE-2020-16239

4.9MEDIUM

Key Information:

Vendor: Philips
Status: Suresigns Vs4
Vendor: CVE Published:; 21 August 2020

What is CVE-2020-16239?

The Philips SureSigns VS4 suffers from a vulnerability that allows an attacker to impersonate legitimate identities due to inadequate validation of identity claims. This flaw may enable unauthorized access and manipulation of sensitive data, posing risks to system integrity and confidentiality. Users of the affected products are advised to implement necessary security measures and stay updated with vendor patches to mitigate exploitation risks.

Affected Version(s)

SureSigns VS4 0

References

https://us-cert.cisa.gov/ics/advisories/icsma-20-233-01

x_refsource_MISC

https://www.philips.com/a-w/security/security-advisories/...

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2020
Vulnerability Reserved
Jul 31, 2020