Lucene search
IcscertCVELIST:CVE-2021-43552HistoryDec 27, 2021 - 6:48 p.m.
CVE-2021-43552 Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of Hard-coded Cryptographic Key
2021-12-2718:48:22
CWE-321
icscert
www.cve.org
4
philips patient information center ix
efficia cm series
hard-coded cryptographic key
encrypted data recovery
versions b.02
c.02
c.03
CVSS3
6.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
AI Score
6.5
Confidence
High
EPSS
0
Percentile
10.4%
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03.
CNA Affected
[
{
"product": "Patient Information Center iX (PIC iX)",
"vendor": "Philips",
"versions": [
{
"status": "affected",
"version": "C.02"
},
{
"status": "affected",
"version": "C.03"
},
{
"status": "affected",
"version": "B.02"
}
]
}
]Related
prion
prion
Hardcoded credentials
2021-12-27 19:15:00
cve
cve
CVE-2021-43552
2021-12-27 19:15:08
nvd
nvd
CVE-2021-43552
2021-12-27 19:15:08
ics
ics
CVSS3
6.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
AI Score
6.5
Confidence
High
EPSS
0
Percentile
10.4%
Related for CVELIST:CVE-2021-43552