Pagewriter Tc70 Firmware
CVE-2018-14799
LOW
Severity by source
AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
1DescriptionNVD
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. This can lead to buffer overflow or format string vulnerabilities.
AnalysisAI
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. Rated low severity (CVSS 3.7), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-20. In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. This can lead to buffer overflow or format string vulnerabilities. Affected products include: Philips Pagewriter Tc70 Firmware, Philips Pagewriter Tc50 Firmware, Philips Pagewriter Tc30 Firmware, Philips Pagewriter Tc20 Firmware, Philips Pagewriter Tc10 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Pagewriter Tc70 Firmware
View allSame weakness CWE-20 – Improper Input Validation
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today