CVE-2018-5438

The CVE-2018-5438 vulnerability affects Philips IntelliSpace Cardiovascular System (ISCV) prior to version 2.3.0. The issue is an insufficient session expiration that can allow reuse of a previously authenticated session when ISCV is used with an EMR in kiosk mode across multiple users using Wind...

CVE-2018-14789

Philips IntelliSpace Cardiovascular (ISCV) and Xcelera are affected by CVE-2018-14789 due to an unquoted search path or element vulnerability in ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior. This flaw can allow an attacker with local access to execute arbitrary code and escalate pri...

CVE-2018-14787

Philips IntelliSpace Cardiovascular (ISCV) and Xcelera are affected by CVE-2018-14787. ISCV versions 2.x or prior and Xcelera 4.1 or prior permit an attacker with escalated privileges to access folders containing executables where authenticated users have write permissions and to execute arbitrar...

CVE-2017-14111

CVE-2017-14111 affects Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier. The root cause is insufficiently protected credentials: credentials are stored in plaintext in system files, enabling an attacker with elevated privileges to access sensitive data o...