CVE-2018-14799
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
22/08/2018
Last modified:
17/06/2026
Description
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. This can lead to buffer overflow or format string vulnerabilities.
Impact
Base Score 3.x
3.70
Severity 3.x
LOW
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:philips:pagewriter_tc70_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:philips:pagewriter_tc70:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:philips:pagewriter_tc50_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:philips:pagewriter_tc50:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:philips:pagewriter_tc30_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:philips:pagewriter_tc30:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:philips:pagewriter_tc20_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:philips:pagewriter_tc20:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:philips:pagewriter_tc10_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:philips:pagewriter_tc10:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.securityfocus.com/bid/105103
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01
- https://www.usa.philips.com/healthcare/about/customer-support/product-security
- http://www.securityfocus.com/bid/105103
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-228-01
- https://www.usa.philips.com/healthcare/about/customer-support/product-security



