CVE-2019-13534 - OpenCVE

Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Philips	M8002a M8004a M8001a M8105a Intellivue Mp Monitors Mp20-mp90 Firmware M8102a Intellivue Mp Monitors Mp2\/x2 Firmware M8008a Intellivue Mp Monitors Mx800\/700\/600 Firmware M8003a Intellivue Mp Monitors Mp5\/5sc Firmware 865241 M8005a M8007a 865240 M8105as M3002a M80010a 865242

Configuration 1 [-]

AND

cpe:2.3:o:philips:intellivue_mp_monitors_mp20-mp90_firmware:a.03.09:*:*:*:*:*:*:*

OR	cpe:2.3:h:philips:m80010a:a:::::::*
	cpe:2.3:h:philips:m8001a:a:::::::*
	cpe:2.3:h:philips:m8002a:a:::::::*
	cpe:2.3:h:philips:m8003a:a:::::::*
	cpe:2.3:h:philips:m8004a:a:::::::*
	cpe:2.3:h:philips:m8005a:a:::::::*
	cpe:2.3:h:philips:m8007a:a:::::::*
	cpe:2.3:h:philips:m8008a:a:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:philips:intellivue_mp_monitors_mp5\/5sc_firmware:a.03.09:*:*:*:*:*:*:*

OR	cpe:2.3:h:philips:m8105a:a:::::::*
	cpe:2.3:h:philips:m8105as:a:::::::*

Configuration 3 [-]

AND

cpe:2.3:o:philips:intellivue_mp_monitors_mp2\/x2_firmware:a01.09:*:*:*:*:*:*:*

OR	cpe:2.3:h:philips:m3002a:b:::::::*
	cpe:2.3:h:philips:m8102a:b:::::::*

Configuration 4 [-]

AND

cpe:2.3:o:philips:intellivue_mp_monitors_mx800\/700\/600_firmware:a.01.09:*:*:*:*:*:*:*

OR	cpe:2.3:h:philips:865240:b:::::::*
	cpe:2.3:h:philips:865241:b:::::::*
	cpe:2.3:h:philips:865242:b:::::::*

References

Link	Resource
https://www.us-cert.gov/ics/advisories/icsma-19-255-01	Mitigation Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2019-09-12T19:02:57

Updated: 2019-09-12T19:02:57

Reserved: 2019-07-11T00:00:00

Link: CVE-2019-13534

JSON object: View

NVD Information

Status : Modified

Published: 2019-09-12T20:15:11.727

Modified: 2019-10-09T23:46:33.717

Link: CVE-2019-13534

JSON object: View

Redhat Information

No data.

CWE

CWE-494