Vulnerabilities > CVE-2021-32993 - Unspecified vulnerability in Philips products

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

philips

NVD

Published: 2021-12-27

Updated: 2024-11-21

Summary

IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a password or a cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

Vulnerable Configurations

Part	Description	Count
OS	Philips Philips Intellibridge Ec40 Firmware - Philips Intellibridge Ec40 Firmware C.00.04 Philips Intellibridge Ec80 Firmware - Philips Intellibridge Ec80 Firmware C.00.04	4
Hardware	Philips Philips Intellibridge Ec40 - Philips Intellibridge Ec80 -	2

References

https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-01
https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-01