QwikSec

Security Database

CVE

CWE

Training

CVE-2018-8842

Published: Sep 26, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. The Philips e-Alert communication channel is not encrypted which could therefore lead to disclosure of personal contact information and application login credentials from within the same subnet.

Vendor	Product	Versions
Philips	e-Alert Unit (non-medical device)	affected `R2.1 and prior`

Weaknesses (CWE)

References

https://www.usa.philips.com/healthcare/about/customer-support/product-security

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.