Vulnerabilities > CVE-2021-33017 - Unspecified vulnerability in Philips products

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

philips

NVD

Published: 2021-12-27

Updated: 2024-11-21

Summary

The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires authentication, but the product has an alternate path or channel that does not require authentication.

Vulnerable Configurations

Part	Description	Count
OS	Philips Philips Intellibridge Ec40 Firmware - Philips Intellibridge Ec40 Firmware C.00.04 Philips Intellibridge Ec80 Firmware - Philips Intellibridge Ec80 Firmware C.00.04	4
Hardware	Philips Philips Intellibridge Ec40 - Philips Intellibridge Ec80 -	2

References

https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-01
https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-01