Philips E-alert Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Philips E-alert Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2018-8856 — CVSS 9.8 (critical): Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard-coded cryptographic key, which it uses for…
CVE-2018-8850 — CVSS 9.8 (critical): Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not validate input properly, allowing an attacker to…
CVE-2018-8844 — CVSS 8.8 (high): Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The web application does not, or cannot, sufficiently verify whether a…
CVE-2018-8852 — CVSS 8.8 (high): Philips e-Alert Unit (non-medical device), Version R2.1 and prior. When authenticating a user or otherwise establishing a new user session…
CVE-2018-8842 — CVSS 8.8 (high): Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software transmits sensitive or security-critical data in cleartext…
CVE-2018-8854 — CVSS 7.5 (high): Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not properly restrict the size or amount of resources…
CVE-2018-8848 — CVSS 7.5 (high): Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software, upon installation, sets incorrect permissions for an…
CVE-2018-8846 — CVSS 6.1 (medium): Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not neutralize or incorrectly neutralizes…
CVE-2018-14803 — CVSS 5.3 (medium): Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The Philips e-Alert contains a banner disclosure vulnerability that…