Vulnerabilities > Philips
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-11 | CVE-2020-16214 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Philips Patient Information Center IX B.02/C.02/C.03 In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software saves user-provided information into a comma-separated value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software. | 5.0 |
| 2020-08-31 | CVE-2020-11618 | THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET protocol. | 7.2 |
| 2020-08-31 | CVE-2020-11617 | Improper Certificate Validation vulnerability in multiple products The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to modify the data delivered to the client. | 4.3 |
| 2020-08-21 | CVE-2020-16241 | Incorrect Authorization vulnerability in Philips Suresigns VS4 Firmware A.07.107 Philips SureSigns VS4, A.07.107 and prior. | 2.1 |
| 2020-08-21 | CVE-2020-16239 | Improper Authentication vulnerability in Philips Suresigns VS4 Firmware Philips SureSigns VS4, A.07.107 and prior. | 4.0 |
| 2020-08-21 | CVE-2020-16237 | Improper Input Validation vulnerability in Philips Suresigns VS4 Firmware Philips SureSigns VS4, A.07.107 and prior. | 2.1 |
| 2020-08-21 | CVE-2020-14518 | Information Exposure Through Log Files vulnerability in Philips Dreammapper Philips DreamMapper, Version 2.24 and prior. | 5.0 |
| 2020-08-13 | CVE-2020-7360 | Uncontrolled Search Path Element vulnerability in Philips Smartcontrol 4.3.15 An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. | 6.9 |
| 2020-06-26 | CVE-2020-14477 | Improper Authentication vulnerability in Philips products In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternate path or channel that does not require authentication of the alternate service login to view or modify information. | 3.6 |
| 2020-06-11 | CVE-2020-12023 | Information Exposure Through Log Files vulnerability in Philips Intellibridge Enterprise B.12 Philips IntelliBridge Enterprise (IBE), Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns (VS4), EarlyVue (VS30) and IntelliVue Guardian (IGS). | 2.7 |