Vulnerabilities > CVE-2021-27456 - Insecure Storage of Sensitive Information vulnerability in Phillips products

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

NVD

Published: 2022-03-23

Updated: 2022-04-12

Summary

Philips Gemini PET/CT family software stores sensitive information in a removable media device that does not have built-in access control.

Part	Description	Count
OS	Phillips Phillips Gemini 882300 Firmware - Phillips Gemini 882160 Firmware - Phillips Gemini 882400 Firmware - Phillips Gemini 882390 Firmware - Phillips Gemini 882410 Firmware - Phillips Gemini 882412 Firmware - Phillips Gemini 882473 Firmware - Phillips Gemini 882470 Firmware - Phillips Gemini 882471 Firmware - Phillips Gemini 882476 Firmware - Phillips Truflight 882438 Firmware -	11
Hardware	Phillips Phillips Gemini 882300 - Phillips Gemini 882160 - Phillips Gemini 882400 - Phillips Gemini 882390 - Phillips Gemini 882410 - Phillips Gemini 882412 - Phillips Gemini 882473 - Phillips Gemini 882470 - Phillips Gemini 882471 - Phillips Gemini 882476 - Phillips Truflight 882438 -	11