Overview
- Description
- In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior), an unquoted search path or element vulnerability has been identified, which may allow an attacker to execute arbitrary code and escalate their level of privileges.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.7
- Impact score
- 5.9
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:philips:intellispace_cardiovascular:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C11159E7-9244-49B2-933A-AAF995D4AAF6",
"versionEndIncluding": "3.1"
},
{
"criteria": "cpe:2.3:a:philips:xcelera:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEE47A78-BC37-427F-8B8B-81E0EB380C1C",
"versionEndIncluding": "4.1"
}
],
"operator": "OR"
}
]
}
]