CVE-2018-14789
MEDIUMPhilips IntelliSpace Cardiovascular <3.1 - Privilege Escalation
Title source: llmDescription
In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior), an unquoted search path or element vulnerability has been identified, which may allow an attacker to execute arbitrary code and escalate their level of privileges.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.usa.philips.com/healthcare/about/customer-support/product-security
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSMA-18-226-01
Scores
CVSS v3
6.7
EPSS
0.0045
EPSS Percentile
35.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-428
Status
published
Products (2)
philips/intellispace_cardiovascular
< 3.1
philips/xcelera
< 4.1
Published
Aug 22, 2018
Tracked Since
Feb 18, 2026