Default Credentials Expose Philips Vue PACS to Security Risks
CVE-2023-40704

5.7MEDIUM

Key Information:

Vendor: Philips
Status: Vue Pacs
Vendor: CVE Published:; 18 July 2024

What is CVE-2023-40704?

Philips Vue PACS employs default credentials that expose critical functionality to potential unauthorized access. This vulnerability highlights significant security risks within the system, allowing threat actors to exploit unsecured accounts, potentially compromising sensitive patient data and overall system integrity. Organizations utilizing this product should prioritize changing default credentials to enhance security and mitigate risks associated with unauthorized system access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Vue PACS 0 < 12.2.8.410

References

https://www.cisa.gov/news-events/ics-medical-advisories/i...

http://www.philips.com/productsecurity

CVSS V4

Score:

5.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jul 18, 2024
Vulnerability Reserved
Aug 21, 2023

Credit

TAS Health NZ and Camiel van Es reported these vulnerabilities to Philips.

JSON

Philips

What is CVE-2023-40704?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.