CVE-2021-33020

HIGH

Philips Vue PACS <12.2 - Info Disclosure

Title source: llm

Description

Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key.

References (2)

Scores

CVSS v3 8.2
EPSS 0.0022
EPSS Percentile 44.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Classification

CWE
CWE-672 CWE-324
Status published

Affected Products (4)

philips/myvue < 12.2.1.5
philips/speech < 12.2.8.0
philips/vue_motion < 12.2.1.5
philips/vue_pacs < 12.2.8.0

Timeline

Published Apr 01, 2022
Tracked Since Feb 18, 2026