CVE-2021-27497

EUVD-2021-14251
Philips Vue PACS versions 12.2.x.x and prior does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
icscertCNA
6.5 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
Affected Products (NVD)
VendorProductVersion
philipsmyvue
𝑥
< 12.2.1.5
philipsspeech
𝑥
< 12.2.8.0
philipsvue_motion
𝑥
< 12.2.1.5
philipsvue_pacs
𝑥
< 12.2.8.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.philips.com/productsecurity
https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01
http://www.philips.com/productsecurity
https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01