VAR-201806-0571
Vulnerability from variot - Updated: 2023-12-18 12:36IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that exposes an "echo" service, in which an attacker-sent buffer to an attacker-chosen device address within the same subnet is copied to the stack with no boundary checks, hence resulting in stack overflow. plural Philips The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Philips IntelliVuePatientMonitorsMP2 and so on are all products of the Dutch company Philips. The Philips IntelliVuePatientMonitors MP2 is an MP series patient monitor device. The AvalonFetal/MaternalMonitorsFM20 is a maternal and child monitor device. A buffer overflow vulnerability exists in PhilipsIntelliVuePatientandAvalonFetalMonitors. An attacker could exploit the vulnerability to read memory from its selected device address (within the same subnet). The following products and versions are affected: Philips IntelliVue Patient Monitors MP2/X2/MP30/MP50/MP70/NP90/MX700/800 Rev. B to Rev. M; IntelliVue Patient Monitors MX400-550 Rev. J to Rev. M; X3/ MX100 M revision; Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 using F.0, G.0 and J.3 software revisions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-0571",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "avalon fetal\\/maternal monitors fm30",
"scope": "eq",
"trust": 1.6,
"vendor": "philips",
"version": null
},
{
"model": "avalon fetal\\/maternal monitors fm50",
"scope": "eq",
"trust": 1.6,
"vendor": "philips",
"version": null
},
{
"model": "avalon fetal\\/maternal monitors fm20",
"scope": "eq",
"trust": 1.6,
"vendor": "philips",
"version": null
},
{
"model": "avalon fetal\\/maternal monitors fm40",
"scope": "eq",
"trust": 1.6,
"vendor": "philips",
"version": null
},
{
"model": "intellivue mx700",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue mx450",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue np90",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue mx100",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue mx500",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue mx550",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue mp70",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue mp50",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue mx400",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue mp2",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue x3",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue x2",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue mx800",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "intellivue mp30",
"scope": "eq",
"trust": 1.0,
"vendor": "philips",
"version": null
},
{
"model": "avalon fetal/maternal monitors fm20",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "avalon fetal/maternal monitors fm30",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "avalon fetal/maternal monitors fm40",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "avalon fetal/maternal monitors fm50",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mp2",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mp30",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mp50",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mp70",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx100",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx400",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx450",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx500",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx550",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx700",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx800",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors np90",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors x2",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors x3",
"scope": null,
"trust": 0.8,
"vendor": "philips",
"version": null
},
{
"model": "avalon fetal/maternal monitors fm20/fm30/fm40/fm50 f.0",
"scope": null,
"trust": 0.6,
"vendor": "philips",
"version": null
},
{
"model": "avalon fetal/maternal monitors fm20/fm30/fm40/fm50 g.0",
"scope": null,
"trust": 0.6,
"vendor": "philips",
"version": null
},
{
"model": "avalon fetal/maternal monitors fm20/fm30/fm40/fm50 j.3",
"scope": null,
"trust": 0.6,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx550",
"scope": "eq",
"trust": 0.6,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx400",
"scope": "eq",
"trust": 0.6,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors x3",
"scope": "eq",
"trust": 0.6,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx500",
"scope": "eq",
"trust": 0.6,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx100",
"scope": "eq",
"trust": 0.6,
"vendor": "philips",
"version": null
},
{
"model": "intellivue patient monitors mx450",
"scope": "eq",
"trust": 0.6,
"vendor": "philips",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors mp2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors mx450",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors mx500",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors mx550",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors x3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors mx100",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "avalon fetal maternal monitors fm20",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "avalon fetal maternal monitors fm30",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "avalon fetal maternal monitors fm40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "avalon fetal maternal monitors fm50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors x2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors mp30",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors mp50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors mp70",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors np90",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors mx700",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors mx800",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intellivue patient monitors mx400",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11994"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006288"
},
{
"db": "NVD",
"id": "CVE-2018-10601"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-303"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_mp2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_mp2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_x2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_x2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_mp30_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_mp30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_mp50_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_mp50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_mp70_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_mp70:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_np90_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_np90:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_mx700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_mx700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_mx800_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_mx800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_mx400_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_mx400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_mx450_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_mx450:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_mx500_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_mx500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_mx550_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_mx550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_x3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_x3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:intellivue_mx100_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:intellivue_mx100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:avalon_fetal\\/maternal_monitors_fm20_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:avalon_fetal\\/maternal_monitors_fm20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:avalon_fetal\\/maternal_monitors_fm30_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:avalon_fetal\\/maternal_monitors_fm30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:avalon_fetal\\/maternal_monitors_fm40_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:avalon_fetal\\/maternal_monitors_fm40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:philips:avalon_fetal\\/maternal_monitors_fm50_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:philips:avalon_fetal\\/maternal_monitors_fm50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10601"
}
]
},
"cve": "CVE-2018-10601",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-10601",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2018-11994",
"impactScore": 9.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1",
"impactScore": 9.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:P/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "VHN-120377",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-10601",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-10601",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-11994",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-303",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-120377",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11994"
},
{
"db": "VULHUB",
"id": "VHN-120377"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006288"
},
{
"db": "NVD",
"id": "CVE-2018-10601"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-303"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that exposes an \"echo\" service, in which an attacker-sent buffer to an attacker-chosen device address within the same subnet is copied to the stack with no boundary checks, hence resulting in stack overflow. plural Philips The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Philips IntelliVuePatientMonitorsMP2 and so on are all products of the Dutch company Philips. The Philips IntelliVuePatientMonitors MP2 is an MP series patient monitor device. The AvalonFetal/MaternalMonitorsFM20 is a maternal and child monitor device. A buffer overflow vulnerability exists in PhilipsIntelliVuePatientandAvalonFetalMonitors. An attacker could exploit the vulnerability to read memory from its selected device address (within the same subnet). The following products and versions are affected: Philips IntelliVue Patient Monitors MP2/X2/MP30/MP50/MP70/NP90/MX700/800 Rev. B to Rev. M; IntelliVue Patient Monitors MX400-550 Rev. J to Rev. M; X3/ MX100 M revision; Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 using F.0, G.0 and J.3 software revisions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10601"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006288"
},
{
"db": "CNVD",
"id": "CNVD-2018-11994"
},
{
"db": "IVD",
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-120377"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-10601",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSMA-18-156-01",
"trust": 3.1
},
{
"db": "CNNVD",
"id": "CNNVD-201806-303",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-11994",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006288",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2F48FA1-39AB-11E9-AAEE-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-120377",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11994"
},
{
"db": "VULHUB",
"id": "VHN-120377"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006288"
},
{
"db": "NVD",
"id": "CVE-2018-10601"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-303"
}
]
},
"id": "VAR-201806-0571",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11994"
},
{
"db": "VULHUB",
"id": "VHN-120377"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11994"
}
]
},
"last_update_date": "2023-12-18T12:36:45.412000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.usa.philips.com/healthcare"
},
{
"title": "Patch for Philips IntelliVuePatientandAvalonFetalMonitors Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/132733"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11994"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006288"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-120377"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006288"
},
{
"db": "NVD",
"id": "CVE-2018-10601"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-156-01"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10601"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10601"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11994"
},
{
"db": "VULHUB",
"id": "VHN-120377"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006288"
},
{
"db": "NVD",
"id": "CVE-2018-10601"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-303"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11994"
},
{
"db": "VULHUB",
"id": "VHN-120377"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006288"
},
{
"db": "NVD",
"id": "CVE-2018-10601"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-303"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-25T00:00:00",
"db": "IVD",
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1"
},
{
"date": "2018-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11994"
},
{
"date": "2018-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-120377"
},
{
"date": "2018-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006288"
},
{
"date": "2018-06-05T20:29:00.903000",
"db": "NVD",
"id": "CVE-2018-10601"
},
{
"date": "2018-06-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-303"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11994"
},
{
"date": "2020-09-04T00:00:00",
"db": "VULHUB",
"id": "VHN-120377"
},
{
"date": "2018-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006288"
},
{
"date": "2021-05-10T15:08:11.710000",
"db": "NVD",
"id": "CVE-2018-10601"
},
{
"date": "2020-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-303"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-303"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Philips IntelliVue Patient and Avalon Fetal Monitors Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11994"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2f48fa1-39ab-11e9-aaee-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-303"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…