CVE-2018-14799

LOW

Philips PageWriter - Buffer Overflow

Title source: llm

Description

In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. This can lead to buffer overflow or format string vulnerabilities.

References (3)

[Third Party Advisory, US Government Resource, VDB Entry] https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01

[Vendor Advisory] https://www.usa.philips.com/healthcare/about/customer-support/product-security

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/105103

Scores

CVSS v3 3.7

EPSS 0.0016

EPSS Percentile 36.9%

Attack Vector PHYSICAL

CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Details

CWE

CWE-119 CWE-134 CWE-20

Status published

Products (5)

philips/pagewriter_tc10_firmware

philips/pagewriter_tc20_firmware

philips/pagewriter_tc30_firmware

philips/pagewriter_tc50_firmware

philips/pagewriter_tc70_firmware

Published Aug 22, 2018

Tracked Since Feb 18, 2026