PT-2021-16979 · Philips · Philips Mri 1.5T+1
Michael Aguilar
·
Published
2021-11-19
·
Updated
2021-11-23
·
CVE-2021-26248
CVSS v4.0
5.9
Medium
| Vector | AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Philips MRI 1.5T and MRI 3T Version 5.x.x
Description
The issue arises when Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control sphere to a resource. This could potentially lead to unauthorized access or control.
Recommendations
For Philips MRI 1.5T and MRI 3T Version 5.x.x, consider restricting access to resources to only intended control spheres until a fix is available. Additionally, review and adjust ownership assignments to ensure they are within the intended control sphere. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Philips Mri 1.5T
Philips Mri 3T