10 matches found
EUVD-2018-19227
Malware in sbrugna...
CVE-2018-5451
In Philips Alice 6 System version R8.0.2 or prior, when an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers...
CVE-2018-7498
In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys...
Code injection
In Philips Alice 6 System version R8.0.2 or prior, when an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers...
Code injection
In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys...
CVE-2018-7498
Philips Alice 6 System (R8.0.3 or prior) is affected by CVE-2018-7498 due to missing encryption of sensitive data (CWE-311), impacting confidentiality/integrity not properly protected. Update to R8.0.4 to remediate; apply network security controls and follow ICS-CERT guidance for defense-in-depth.
CVE-2018-5451
In Philips Alice 6 System version R8.0.2 or prior, when an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers...
CVE-2018-7498
In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys...
Philips Alice 6 Missing Encryption Sensitive Data Vulnerability
The Philips Alice 6 is a polysomnographic monitoring system PSG designed to record, display and print physiologic information for clinicians/physicians. The Philips Alice 6 suffers from a lack of encryption of sensitive data vulnerability that stems from a lack of proper data encryption that woul...
Philips Alice 6 Vulnerabilities (Update B)
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Philips Equipment: Philips Alice 6 System product Vulnerabilities: Improper Authentication, Missing Encryption of Sensitive Data 2. UPDATE INFORMATION This updated...