CVE-2018-8857
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) contains fixed credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. An attacker could compromise these credentials and gain access to the system.
El software de Philips Brilliance CT (Brilliance 64 en versiones 2.6.2 y anteriores, Brilliance iCT en versiones 4.1.6 y anteriores, Brilliance iCT SP en versiones 3.2.4 y anteriores y Brilliance CT Big Bore 2.3.5 y anteriores) contiene credenciales fijas, como una contraseña o clave criptográfica, que emplea para su propia autenticación entrante, comunicaciones salientes a componentes externos o el cifrado de datos internos. Un atacante podría comprometer estas credenciales y obtener acceso al sistema.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-03-20 CVE Reserved
- 2018-05-04 CVE Published
- 2023-04-28 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/104088 | Third Party Advisory | |
| https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.usa.philips.com/healthcare/about/customer-support/product-security | 2019-10-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Philips Search vendor "Philips" | Brilliance Firmware 64 Search vendor "Philips" for product "Brilliance Firmware 64" | <= 2.6.2 Search vendor "Philips" for product "Brilliance Firmware 64" and version " <= 2.6.2" | - |
Affected
| in | Philips Search vendor "Philips" | Brilliance 64 Search vendor "Philips" for product "Brilliance 64" | - | - |
Safe
|
| Philips Search vendor "Philips" | Brilliance Ict Sp Firmware Search vendor "Philips" for product "Brilliance Ict Sp Firmware" | <= 3.2.4 Search vendor "Philips" for product "Brilliance Ict Sp Firmware" and version " <= 3.2.4" | - |
Affected
| in | Philips Search vendor "Philips" | Brilliance Ict Sp Search vendor "Philips" for product "Brilliance Ict Sp" | - | - |
Safe
|
| Philips Search vendor "Philips" | Brilliance Ict Firmware Search vendor "Philips" for product "Brilliance Ict Firmware" | <= 4.1.6 Search vendor "Philips" for product "Brilliance Ict Firmware" and version " <= 4.1.6" | - |
Affected
| in | Philips Search vendor "Philips" | Brilliance Ict Search vendor "Philips" for product "Brilliance Ict" | - | - |
Safe
|
| Philips Search vendor "Philips" | Brilliance Ct Big Bore Firmware Search vendor "Philips" for product " Brilliance Ct Big Bore Firmware" | <= 2.3.5 Search vendor "Philips" for product " Brilliance Ct Big Bore Firmware" and version " <= 2.3.5" | - |
Affected
| in | Philips Search vendor "Philips" | Brilliance Ct Big Bore Search vendor "Philips" for product " Brilliance Ct Big Bore" | - | - |
Safe
|