Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Intellivue_mp70_firmware
(Philips)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-06-05 | CVE-2018-10601 | IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that exposes an "echo" service, in which an attacker-sent buffer to an attacker-chosen device address within the same subnet is copied to the stack with no boundary checks, hence resulting in stack overflow. | Avalon_fetal\/maternal_monitors_fm20_firmware, Avalon_fetal\/maternal_monitors_fm30_firmware, Avalon_fetal\/maternal_monitors_fm40_firmware, Avalon_fetal\/maternal_monitors_fm50_firmware, Intellivue_mp2_firmware, Intellivue_mp30_firmware, Intellivue_mp50_firmware, Intellivue_mp70_firmware, Intellivue_mx100_firmware, Intellivue_mx400_firmware, Intellivue_mx450_firmware, Intellivue_mx500_firmware, Intellivue_mx550_firmware, Intellivue_mx700_firmware, Intellivue_mx800_firmware, Intellivue_np90_firmware, Intellivue_x2_firmware, Intellivue_x3_firmware | 8.2 | ||
| 2018-06-05 | CVE-2018-10599 | IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to read memory from an attacker-chosen device address within the same subnet. | Avalon_fetal\/maternal_monitors_fm20_firmware, Avalon_fetal\/maternal_monitors_fm30_firmware, Avalon_fetal\/maternal_monitors_fm40_firmware, Avalon_fetal\/maternal_monitors_fm50_firmware, Intellivue_mp2_firmware, Intellivue_mp30_firmware, Intellivue_mp50_firmware, Intellivue_mp70_firmware, Intellivue_mx100_firmware, Intellivue_mx400_firmware, Intellivue_mx450_firmware, Intellivue_mx500_firmware, Intellivue_mx550_firmware, Intellivue_mx700_firmware, Intellivue_mx800_firmware, Intellivue_np90_firmware, Intellivue_x2_firmware, Intellivue_x3_firmware | 5.3 | ||
| 2018-06-05 | CVE-2018-10597 | IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to access memory ("write-what-where") from an attacker-chosen device address within the same subnet. | Avalon_fetal\/maternal_monitors_fm20_firmware, Avalon_fetal\/maternal_monitors_fm30_firmware, Avalon_fetal\/maternal_monitors_fm40_firmware, Avalon_fetal\/maternal_monitors_fm50_firmware, Intellivue_mp2_firmware, Intellivue_mp30_firmware, Intellivue_mp50_firmware, Intellivue_mp70_firmware, Intellivue_mx100_firmware, Intellivue_mx400_firmware, Intellivue_mx450_firmware, Intellivue_mx500_firmware, Intellivue_mx550_firmware, Intellivue_mx700_firmware, Intellivue_mx800_firmware, Intellivue_np90_firmware, Intellivue_x2_firmware, Intellivue_x3_firmware | 8.3 |