Описание
In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 2.x or prior and Xcelera Version 4.1 or prior), an attacker with escalated privileges could access folders which contain executables where authenticated users have write permissions, and could then execute arbitrary code with local administrative permissions.
Ссылки
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.1 (включая)Версия до 4.1 (включая)
Одно из
cpe:2.3:a:philips:intellispace_cardiovascular:*:*:*:*:*:*:*:*
cpe:2.3:a:philips:xcelera:*:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00055
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-269
CWE-269
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 2.x or prior and Xcelera Version 4.1 or prior), an attacker with escalated privileges could access folders which contain executables where authenticated users have write permissions, and could then execute arbitrary code with local administrative permissions.
EPSS
Процентиль: 17%
0.00055
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-269
CWE-269