CVE-2018-14787
HIGHPhilips IntelliSpace Cardiovascular <2.x - Privilege Escalation
Title source: llmDescription
In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 2.x or prior and Xcelera Version 4.1 or prior), an attacker with escalated privileges could access folders which contain executables where authenticated users have write permissions, and could then execute arbitrary code with local administrative permissions.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.usa.philips.com/healthcare/about/customer-support/product-security
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSMA-18-226-01
Scores
CVSS v3
7.8
EPSS
0.0039
EPSS Percentile
30.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (2)
philips/intellispace_cardiovascular
< 3.1
philips/xcelera
< 4.1
Published
Aug 22, 2018
Tracked Since
Feb 18, 2026