Main Vulnerability Database SB2018121102

SB2018121102 - Security restrictions bypass in Philips HealthSuite Health Android App

Published: December 11, 2018

Security Bulletin ID SB2018121102

Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Security restrictions bypass (CVE-ID: CVE-2018-19001)

The vulnerability allows a physical attacker to bypass security restrictions on the target system.

The weakness exists due to the software uses simple encryption that is not strong enough for the level of protection required. A physical attacker can bypass security restrictions and impact confidentiality and integrity of the product.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://ics-cert.us-cert.gov/advisories/ICSMA-18-340-01