Vulnerability-Lookup

CVE-2018-8861 (GCVE-0-2018-8861)

Vulnerability from cvelistv5 – Published: 2018-05-04 17:00 – Updated: 2024-09-17 03:59

Summary

Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break-out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system.

Severity ?

No CVSS data available.

CWE

CWE-668 - EXPOSURE OF RESOURCE TO WRONG SPHERE CWE-668

Assigner

icscert

References

URL

	Vendor	Product	Version
	Philips	Brilliance CT Scanners	Affected: Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior.

GHSA-W6P7-4P9Q-W24C

Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31

Details

Severity ?

8.7 (High)


                  
                    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-8861"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-04T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break-out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system.",
  "id": "GHSA-w6p7-4p9q-w24c",
  "modified": "2022-05-13T01:31:45Z",
  "published": "2022-05-13T01:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8861"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01"
    },
    {
      "type": "WEB",
      "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104088"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2018-8861

Vulnerability from fkie_nvd - Published: 2018-05-04 17:29 - Updated: 2024-11-21 04:14

Severity ?

8.7 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/104088	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01	Third Party Advisory, US Government Resource
ics-cert@hq.dhs.gov	https://www.usa.philips.com/healthcare/about/customer-support/product-security	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104088	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.usa.philips.com/healthcare/about/customer-support/product-security	Vendor Advisory

Impacted products

Vendor	Product	Version
philips	brilliance_firmware_64	*
philips	brilliance_64	-
philips	brilliance_ict_sp_firmware	*
philips	brilliance_ict_sp	-
philips	brilliance_ict_firmware	*
philips	brilliance_ict	-
philips	_brilliance_ct_big_bore_firmware	*
philips	_brilliance_ct_big_bore	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:philips:brilliance_firmware_64:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E298132-F9D0-4BB8-9100-BEFEF59E92BA",
              "versionEndIncluding": "2.6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:philips:brilliance_64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B75466BA-22B4-49E3-A5AB-DD4E19C752C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:philips:brilliance_ict_sp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3660331E-679A-4E55-9D74-7794833650FB",
              "versionEndIncluding": "3.2.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:philips:brilliance_ict_sp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECC2680D-DCB1-48E6-9F44-A6D35D973DD9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:philips:brilliance_ict_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2178E64D-018C-4AAC-9E4D-6671FECCCD2B",
              "versionEndIncluding": "4.1.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:philips:brilliance_ict:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "54867DDB-FAAE-452A-9406-963ED07934C2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:philips:_brilliance_ct_big_bore_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2510AB7E-EBF6-41D3-9345-39A264695A84",
              "versionEndIncluding": "2.3.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:philips:_brilliance_ct_big_bore:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE132B50-01A4-4AEB-A18D-28DDAF51830E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break-out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidades en el entorno de quiosco de Philips Brilliance CT (Brilliance 64 en versiones 2.6.2 y anteriores, Brilliance iCT en versiones 4.1.6 y anteriores, Brillance iCT SP en versiones 3.2.4 y anteriores y Brilliance CT Big Bore 2.3.5 y anteriores) podr\u00edan permitir que un usuario del quiosco con acceso limitado o un atacante no autorizado salgan del confinamiento del entorno del quiosco, logren privilegios elevados del sistema operativo de Windows y accedan a recursos no autorizados del sistema operativo."
    }
  ],
  "id": "CVE-2018-8861",
  "lastModified": "2024-11-21T04:14:28.440",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 9.5,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-04T17:29:00.583",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104088"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104088"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-668"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2018-8861

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-8861

Aliases

CVE-2018-8861

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-8861",
    "description": "Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break-out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system.",
    "id": "GSD-2018-8861"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-8861"
      ],
      "details": "Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break-out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system.",
      "id": "GSD-2018-8861",
      "modified": "2023-12-13T01:22:34.431545Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "DATE_PUBLIC": "2018-05-01T00:00:00",
        "ID": "CVE-2018-8861",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Brilliance CT Scanners",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior."
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Philips"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break-out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "EXPOSURE OF RESOURCE TO WRONG SPHERE CWE-668"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.usa.philips.com/healthcare/about/customer-support/product-security",
            "refsource": "CONFIRM",
            "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
          },
          {
            "name": "104088",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/104088"
          },
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:philips:brilliance_firmware_64:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.6.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:philips:brilliance_64:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:philips:brilliance_ict_sp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "3.2.4",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:philips:brilliance_ict_sp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:philips:brilliance_ict_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.1.6",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:philips:brilliance_ict:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:philips:_brilliance_ct_big_bore_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.3.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:philips:_brilliance_ct_big_bore:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2018-8861"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break-out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.usa.philips.com/healthcare/about/customer-support/product-security",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01"
            },
            {
              "name": "104088",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/104088"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 9.5,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.0"
          },
          "exploitabilityScore": 2.0,
          "impactScore": 6.0
        }
      },
      "lastModifiedDate": "2019-10-09T23:42Z",
      "publishedDate": "2018-05-04T17:29Z"
    }
  }
}

CNVD-2018-09238

Vulnerability from cnvd - Published: 2018-05-09

Title

Philips Brilliance CT Scanners未授权访问漏洞

Description

Philips Brilliance 64等都是荷兰飞利浦（Philips）公司的CT扫描仪设备。多款Philips Brilliance CT设备中的kiosk环境存在安全漏洞。攻击者可利用该漏洞摆脱kiosk环境的限制，从底层Windows操作系统中获取提升的权限或获取操作系统中未授权资源的访问权限。

Severity

中

Patch Name

Philips Brilliance CT Scanners未授权访问漏洞的补丁

Patch Description

Philips Brilliance 64等都是荷兰飞利浦（Philips）公司的CT扫描仪设备。多款Philips Brilliance CT设备中的kiosk环境存在安全漏洞。攻击者可利用该漏洞摆脱kiosk环境的限制，从底层Windows操作系统中获取提升的权限或获取操作系统中未授权资源的访问权限。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.usa.philips.com/

Reference

https://www.securityfocus.com/bid/104088 https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01 https://www.usa.philips.com/healthcare/about/customer-support/product-security

Impacted products

Name
['Philips Brilliance 64 <=2.6.2', 'Philips Brilliance iCT <=4.1.6', 'Philips Brillance iCT SP <=3.2.4', 'Philips Brilliance CT Big Bore <= 2.3.5']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-8861"
    }
  },
  "description": "Philips Brilliance 64\u7b49\u90fd\u662f\u8377\u5170\u98de\u5229\u6d66\uff08Philips\uff09\u516c\u53f8\u7684CT\u626b\u63cf\u4eea\u8bbe\u5907\u3002\r\n\r\n\u591a\u6b3ePhilips Brilliance CT\u8bbe\u5907\u4e2d\u7684kiosk\u73af\u5883\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6446\u8131kiosk\u73af\u5883\u7684\u9650\u5236\uff0c\u4ece\u5e95\u5c42Windows\u64cd\u4f5c\u7cfb\u7edf\u4e2d\u83b7\u53d6\u63d0\u5347\u7684\u6743\u9650\u6216\u83b7\u53d6\u64cd\u4f5c\u7cfb\u7edf\u4e2d\u672a\u6388\u6743\u8d44\u6e90\u7684\u8bbf\u95ee\u6743\u9650\u3002",
  "discovererName": "Philips",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.usa.philips.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-09238",
  "openTime": "2018-05-09",
  "patchDescription": "Philips Brilliance 64\u7b49\u90fd\u662f\u8377\u5170\u98de\u5229\u6d66\uff08Philips\uff09\u516c\u53f8\u7684CT\u626b\u63cf\u4eea\u8bbe\u5907\u3002\r\n\r\n\u591a\u6b3ePhilips Brilliance CT\u8bbe\u5907\u4e2d\u7684kiosk\u73af\u5883\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6446\u8131kiosk\u73af\u5883\u7684\u9650\u5236\uff0c\u4ece\u5e95\u5c42Windows\u64cd\u4f5c\u7cfb\u7edf\u4e2d\u83b7\u53d6\u63d0\u5347\u7684\u6743\u9650\u6216\u83b7\u53d6\u64cd\u4f5c\u7cfb\u7edf\u4e2d\u672a\u6388\u6743\u8d44\u6e90\u7684\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Philips Brilliance CT Scanners\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Philips Brilliance 64 \u003c=2.6.2",
      "Philips Brilliance iCT \u003c=4.1.6",
      "Philips Brillance iCT SP \u003c=3.2.4",
      "Philips Brilliance CT Big Bore \u003c= 2.3.5"
    ]
  },
  "referenceLink": "https://www.securityfocus.com/bid/104088\r\nhttps://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01\r\nhttps://www.usa.philips.com/healthcare/about/customer-support/product-security",
  "serverity": "\u4e2d",
  "submitTime": "2018-05-04",
  "title": "Philips Brilliance CT Scanners\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-8861 (GCVE-0-2018-8861)

GHSA-W6P7-4P9Q-W24C

FKIE_CVE-2018-8861

GSD-2018-8861

CNVD-2018-09238

Tags

Sightings

Nomenclature