Vulnerabilities > CVE-2018-8861 - Unspecified vulnerability in Philips products

CVSS 8.7 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

LOW

local

low complexity

philips

NVD

Published: 2018-05-04

Updated: 2019-10-09

Summary

Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break-out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system.

Vulnerable Configurations

Part	Description	Count
OS	Philips Philips Brilliance Firmware 64 * Philips Brilliance ICT SP Firmware 3.2.4 Philips Brilliance ICT Firmware 4.1.6 Philips Brilliance CT BIG Bore Firmware *	4
Hardware	Philips Philips Brilliance 64 - Philips Brilliance ICT SP - Philips Brilliance ICT - Philips Brilliance CT BIG Bore -	4

Summary

Vulnerable Configurations

References