MitM attack in Philips Interoperability Solution XDS



Published: 2021-06-25
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2021-32966
CWE-ID CWE-319
Exploitation vector Local network
Public exploit N/A
Vulnerable software
Subscribe
Interoperability Solution XDS
Hardware solutions / Medical equipment

Vendor Philips

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Cleartext transmission of sensitive information

EUVDB-ID: #VU54386

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32966

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to software uses insecure communication channel to transmit sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals. A remote attacker with ability to intercept network traffic can remotely read LDAP system credentials.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Interoperability Solution XDS: 2.5 - 2021-1


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-21-175-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###