CVE-2020-16237

Philips SureSigns VS4, A.07.107 and prior receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly...

CVE-2020-16241

Philips SureSigns VS4, A.07.107 and prior does not restrict or incorrectly restricts access to a resource from an unauthorized actor...

Fuji Electric V-SFT 缓冲区错误漏洞

Fuji Electric V-SFT is a screen configuration software from Fuji Electric Japan. Fuji Electric V-SFT suffers from a buffer overflow vulnerability that stems from the VS4SaveEnvFile function in VS6EditData failing to properly validate the length and size of input data, which can be exploited by an...

CVE-2020-16241

Philips SureSigns VS4, A.07.107 and prior does not restrict or incorrectly restricts access to a resource from an unauthorized actor...

CVE-2020-16237

Philips SureSigns VS4, A.07.107 and prior receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly...

CVE-2020-16237

Philips SureSigns VS4, A.07.107 and prior receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly...

CVE-2020-16239

When an actor claims to have a given identity, Philips SureSigns VS4, A.07.107 and prior does not prove or insufficiently proves the claim is correct...

Code injection

Philips SureSigns VS4, A.07.107 and prior. The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor...

CVE-2020-16239

CVE-2020-16239 affects Philips SureSigns VS4 (A.07.107 and earlier). Root cause: Improper authentication where an actor’s claimed identity is not adequately proven. Consequence: potential unauthorized access to administrative controls; CVSS base 4.9 (NETWORK, LOW AI, HIGH privileges required, HIG...

CVE-2020-16241 Philips SureSigns VS4 Improper Access Control

Philips SureSigns VS4, A.07.107 and prior does not restrict or incorrectly restricts access to a resource from an unauthorized actor...

CVE-2020-16241

Philips SureSigns VS4 (versions A.07.107 and earlier) is affected by CVE-2020-16241, an Improper Access Control vulnerability that could allow an unauthorized actor to access a resource. The issue is documented in multiple sources (NVD, Red Hat, CVE list, CISA ICS advisory) with evidence of impac...

CVE-2020-16237

CVE-2020-16237 affects Philips SureSigns VS4, specifically versions A.07.107 and earlier. The vulnerability stems from improper input validation where the device may receive data without ensuring it has the required properties, leading to unsafe processing. The authoritative source (ICS-CISA advi...

PT-2020-14834 · Philips · Philips Suresigns Vs4

Name of the Vulnerable Software and Affected Versions: Philips SureSigns VS4 versions A.07.107 and prior Description: The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor. Recommendations: For Philips SureSigns VS4 versions A.07.107 and prior,...

PT-2020-14832 · Philips · Philips Suresigns Vs4

Name of the Vulnerable Software and Affected Versions: Philips SureSigns VS4 versions A.07.107 and prior Description: The software fails to properly verify the identity of an actor, allowing the actor to claim a given identity without sufficient proof that the claim is correct. Recommendations: F...

Philips SureSigns VS4

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION : Exploitable remotely Vendor : Philips Equipment : SureSigns VS4 Vulnerabilities : Improper Input Validation, Improper Access Control, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker...

vs4.com Open Redirect vulnerability

On the 19.11.2016 security researcher reported a Open Redirect vulnerability affecting the vs4.com website via the Open Bug Bounty coordinated vulnerability disclosure program. Coordinated Disclosure Timeline: Description| Value ---|--- Vulnerability submitted via Open Bug Bounty| 19 November, 20...