- Description
- Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Modified
CVSS 3.0
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- ics-cert@hq.dhs.gov
- CWE-264
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:philips:intellispace_portal:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "374B9A63-793D-41A1-A02F-4642031DA5FA"
},
{
"criteria": "cpe:2.3:a:philips:intellispace_portal:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "784EBE3C-D9CB-433E-BC1D-4403B3BAB6AA"
}
],
"operator": "OR"
}
]
}
]