CVE-2018-10599 - OpenCVE

IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to read memory from an attacker-chosen device address within the same subnet.

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:A/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Philips	Intellivue Mx400 Firmware Intellivue Mp50 Intellivue Mp30 Firmware Intellivue Mx450 Firmware Avalon Fetal\/maternal Monitors Fm50 Firmware Intellivue Mp2 Intellivue X2 Avalon Fetal\/maternal Monitors Fm30 Firmware Intellivue Mx100 Firmware Avalon Fetal\/maternal Monitors Fm30 Intellivue Mp70 Firmware Intellivue Mx400 Avalon Fetal\/maternal Monitors Fm50 Intellivue Mp50 Firmware Avalon Fetal\/maternal Monitors Fm20 Intellivue Mx550 Firmware Intellivue Mx100 Intellivue Np90 Avalon Fetal\/maternal Monitors Fm20 Firmware Intellivue Mx800 Firmware Intellivue Mx800 Intellivue Mx700 Intellivue Mx500 Firmware Intellivue X2 Firmware Intellivue X3 Intellivue Np90 Firmware Intellivue Mp30 Intellivue Mp2 Firmware Intellivue X3 Firmware Intellivue Mp70 Intellivue Mx550 Avalon Fetal\/maternal Monitors Fm40 Intellivue Mx450 Intellivue Mx500 Intellivue Mx700 Firmware Avalon Fetal\/maternal Monitors Fm40 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:philips:intellivue_mp2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_mp2:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:philips:intellivue_x2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_x2:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:philips:intellivue_mp30_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_mp30:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:philips:intellivue_mp50_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_mp50:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:philips:intellivue_mp70_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_mp70:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:philips:intellivue_np90_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_np90:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:philips:intellivue_mx700_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_mx700:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:philips:intellivue_mx800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_mx800:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:philips:intellivue_mx400_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_mx400:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:philips:intellivue_mx450_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_mx450:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:philips:intellivue_mx500_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_mx500:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:philips:intellivue_mx550_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_mx550:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:philips:intellivue_x3_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_x3:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:philips:intellivue_mx100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:intellivue_mx100:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:philips:avalon_fetal\/maternal_monitors_fm20_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:avalon_fetal\/maternal_monitors_fm20:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:philips:avalon_fetal\/maternal_monitors_fm30_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:avalon_fetal\/maternal_monitors_fm30:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:philips:avalon_fetal\/maternal_monitors_fm40_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:avalon_fetal\/maternal_monitors_fm40:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:philips:avalon_fetal\/maternal_monitors_fm50_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:philips:avalon_fetal\/maternal_monitors_fm50:-:*:*:*:*:*:*:*

References

Link	Resource
https://ics-cert.us-cert.gov/advisories/ICSMA-18-156-01	Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2018-06-05T00:00:00

Updated: 2018-06-05T19:57:01

Reserved: 2018-05-01T00:00:00

Link: CVE-2018-10599

JSON object: View

NVD Information

Status : Modified

Published: 2018-06-05T20:29:00.873

Modified: 2021-05-10T15:08:11.710

Link: CVE-2018-10599

JSON object: View

Redhat Information

No data.

CWE

CWE-200