CVE-2019-18263

Summary

CVE	CVE-2019-18263
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2019-12-20 16:15:00 UTC
Updated	2020-01-10 01:43:00 UTC
Description	An issue was found in Philips Veradius Unity, Pulsera, and Endura Dual WAN Router, Veradius Unity (718132) with wireless option (shipped between 2016-August 2018), Veradius Unity (718132) with ViewForum option (shipped between 2016-August 2018), Pulsera (718095) and Endura (718075) with wireless option (shipped between 26-June-2017 through 07-August 2018), Pulsera (718095) and Endura (718075) with ViewForum option (shipped between 26-June-2017 through 07-August 2018). The router software uses an encryption scheme that is not strong enough for the level of protection required.

Risk And Classification

Problem Types: CWE-326

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Philips	Endura	-	All	All	All
Hardware	Philips	Endura	-	All	All	All
Operating System	Philips	Endura Firmware	-	All	All	All
Operating System	Philips	Endura Firmware	-	All	All	All
Hardware	Philips	Pulsera	-	All	All	All
Hardware	Philips	Pulsera	-	All	All	All
Operating System	Philips	Pulsera Firmware	-	All	All	All
Operating System	Philips	Pulsera Firmware	-	All	All	All
Hardware	Philips	Veradius Unity	-	All	All	All
Hardware	Philips	Veradius Unity	-	All	All	All
Operating System	Philips	Veradius Unity Firmware	-	All	All	All
Operating System	Philips	Veradius Unity Firmware	-	All	All	All

References

Reference	Source	Link	Tags
Philips Veradius Unity, Pulsera, and Endura Dual WAN Routers \| CISA	MISC	www.us-cert.gov	Third Party Advisory, US Government Resource
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.