IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that exposes an "echo" service, in which an attacker-sent buffer to an attacker-chosen device address within the same subnet is copied to the stack with no boundary checks, hence resulting in stack overflow.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSMA-18-156-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
History
10 May 2021, 15:08
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:philips:intellivue_patient_monitors_mx100:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_x3_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_mx700:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_mp70:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_mp2:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_mp50:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_mx800_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_mx100_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_x3:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_np90:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_np90_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_mx400_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_mp2_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_mx400:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_mx450_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_mx500:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_mp30_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_mx700_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_x2:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_mx550_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_mx550:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_mx450:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_mp30:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_patient_monitors_mx800:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_mx500_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_mp70_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_patient_monitors_x2_firmware:-:*:*:*:*:*:*:* |
cpe:2.3:o:philips:intellivue_mx450_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_mx700:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_np90:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_mp50_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_mx800_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_x2:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_x2_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_mx400:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_mx500_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_x3_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_mx450:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_mp30:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_mx400_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_mx700_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_mp2_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_mp50:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_mp70:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_mp30_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_mx100:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_mx550_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_mp2:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_np90_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_mx800:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_mx100_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_mx550:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_mx500:-:*:*:*:*:*:*:* cpe:2.3:h:philips:intellivue_x3:-:*:*:*:*:*:*:* cpe:2.3:o:philips:intellivue_mp70_firmware:-:*:*:*:*:*:*:* |
Information
Published : 2018-06-05 20:29
Updated : 2023-12-10 12:30
NVD link : CVE-2018-10601
Mitre link : CVE-2018-10601
CVE.ORG link : CVE-2018-10601
JSON object : View
Products Affected
philips
- intellivue_mx500_firmware
- intellivue_mx550_firmware
- intellivue_mx400_firmware
- intellivue_mx800_firmware
- avalon_fetal\/maternal_monitors_fm50
- intellivue_mp2
- intellivue_mx450
- intellivue_x3
- intellivue_mp2_firmware
- intellivue_mp30
- intellivue_mp30_firmware
- intellivue_mx700
- intellivue_np90
- intellivue_mx100_firmware
- avalon_fetal\/maternal_monitors_fm20
- avalon_fetal\/maternal_monitors_fm30_firmware
- intellivue_mp70
- avalon_fetal\/maternal_monitors_fm50_firmware
- avalon_fetal\/maternal_monitors_fm40_firmware
- avalon_fetal\/maternal_monitors_fm40
- avalon_fetal\/maternal_monitors_fm20_firmware
- intellivue_mp50_firmware
- intellivue_mx450_firmware
- intellivue_np90_firmware
- intellivue_mx550
- intellivue_mx500
- intellivue_mx100
- intellivue_mp50
- intellivue_mx800
- avalon_fetal\/maternal_monitors_fm30
- intellivue_mp70_firmware
- intellivue_x2
- intellivue_mx400
- intellivue_mx700_firmware
- intellivue_x3_firmware
- intellivue_x2_firmware