CVE-2019-18263

Name of the Vulnerable Software and Affected Versions Philips Veradius Unity versions with wireless option shipped between 2016 and August 2018 Philips Veradius Unity versions with ViewForum option shipped between 2016 and August 2018 Philips Pulsera versions with wireless option shipped between 26-June-2017 and 07-August 2018 Philips Pulsera versions with ViewForum option shipped between 26-June-2017 and 07-August 2018 Philips Endura Dual WAN Router versions with wireless option shipped between 26-June-2017 and 07-August 2018 Philips Endura Dual WAN Router versions with ViewForum option shipped between 26-June-2017 and 07-August 2018

Description The issue is related to the encryption scheme used by the router software, which is not strong enough for the required level of protection.

Recommendations For Philips Veradius Unity with wireless option shipped between 2016 and August 2018, consider disabling the wireless functionality until a stronger encryption scheme is implemented. For Philips Veradius Unity with ViewForum option shipped between 2016 and August 2018, restrict access to the ViewForum feature to minimize potential risks. For Philips Pulsera and Endura Dual WAN Router versions with wireless or ViewForum options shipped between 26-June-2017 and 07-August 2018, avoid using the affected router software for sensitive data transmission until the encryption scheme is strengthened. At the moment, there is no information about a newer version that contains a fix for this issue.