CVE-2018-14789
Summary
| CVE | CVE-2018-14789 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-08-22 18:29:00 UTC |
| Updated | 2022-04-22 19:23:00 UTC |
| Description | In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior), an unquoted search path or element vulnerability has been identified, which may allow an attacker to execute arbitrary code and escalate their level of privileges. |
Risk And Classification
Problem Types: CWE-428
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Philips | Intellispace Cardiovascular | All | All | All | All |
| Application | Philips | Xcelera | All | All | All | All |
| Application | Phillips | Intellispace Cardiovascular | All | All | All | All |
| Application | Phillips | Xcelera | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Philips IntelliSpace Cardiovascular Vulnerabilities | ICS-CERT | MISC | ics-cert.us-cert.gov | Third Party Advisory, US Government Resource |
| Product Security | Philips | CONFIRM | www.usa.philips.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.