Vulnerabilities > Philips > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-07-18 CVE-2023-40704 Unspecified vulnerability in Philips VUE Pacs 12.2.8.0
Philips Vue PACS uses default credentials for potentially critical functionality.
network
low complexity
philips
critical
 9.8
9.8
2022-04-01 CVE-2021-27497 Unspecified vulnerability in Philips products
Philips Vue PACS versions 12.2.x.x and prior does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
network
low complexity
philips
critical
 9.8
9.8
2022-04-01 CVE-2021-27501 Unspecified vulnerability in Philips products
Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities.
network
low complexity
philips
critical
 9.8
9.8
2018-09-26 CVE-2018-8856 Use of Hard-coded Credentials vulnerability in Philips E-Alert Firmware 2.1/R2.1
Philips e-Alert Unit (non-medical device), Version R2.1 and prior.
network
low complexity
philips CWE-798
critical
 9.8
9.8
2018-09-26 CVE-2018-8850 Improper Input Validation vulnerability in Philips E-Alert Firmware 2.1/R2.1
Philips e-Alert Unit (non-medical device), Version R2.1 and prior.
network
low complexity
philips CWE-20
critical
 9.8
9.8
2018-04-24 CVE-2017-9656 Use of Hard-coded Credentials vulnerability in Philips Dosewise 1.1.7.333/2.1.1.3069
The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database.
network
low complexity
philips CWE-798
critical
 9.1
9.1
2018-03-28 CVE-2018-7498 Missing Encryption of Sensitive Data vulnerability in Philips Alice 6 Firmware R8.0.2
In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys.
network
low complexity
philips CWE-311
critical
 9.8
9.8
2018-03-28 CVE-2018-5451 Improper Authentication vulnerability in Philips Alice 6 Firmware R8.0.2
In Philips Alice 6 System version R8.0.2 or prior, when an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.
network
low complexity
philips CWE-287
critical
 9.8
9.8
2018-03-26 CVE-2018-5474 Improper Input Validation vulnerability in Philips Intellispace Portal 8.0/9.0
Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input validation vulnerability that could allow a remote attacker to execute arbitrary code or cause the application to crash.
network
low complexity
philips CWE-20
critical
 9.8
9.8
2018-03-26 CVE-2018-5472 Unspecified vulnerability in Philips Intellispace Portal 8.0/9.0
Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code.
network
low complexity
philips
critical
 9.8
9.8