CVE-2018-14799

LOW

Philips PageWriter - Buffer Overflow

Title source: llm

Description

In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. This can lead to buffer overflow or format string vulnerabilities.

References (3)

Core 3

Core References

Third Party Advisory, US Government Resource, VDB Entry x_refsource_misc

https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01

Vendor Advisory x_refsource_confirm

https://www.usa.philips.com/healthcare/about/customer-support/product-security

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/105103

Scores

CVSS v3 3.7

EPSS 0.0050

EPSS Percentile 38.6%

Attack Vector PHYSICAL

CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Details

CWE

CWE-119 CWE-134 CWE-20

Status published

Products (5)

philips/pagewriter_tc10_firmware

philips/pagewriter_tc20_firmware

philips/pagewriter_tc30_firmware

philips/pagewriter_tc50_firmware

philips/pagewriter_tc70_firmware

Published Aug 22, 2018

Tracked Since Feb 18, 2026